web.groovymark@gmail.com
November 20, 2024
Question 21
A company implements an audit committee to oversee compliance with legal and ethical standards. Which function does this committee serve?
a) Develops new software solutions
b) Protects intellectual property
c) Ensures accountability and compliance
d) Manages system performance
Correct Answer: c) Ensures accountability and compliance
Explanation: An audit committee oversees compliance with legal, regulatory, and ethical standards, helping ensure accountability in financial reporting and organizational conduct.
Question 22
A hacker installs malicious software on a company’s network that spreads autonomously. What type of attack is this?
a) Trojan horse
b) Worm
c) Smishing
d) Spear phishing
Correct Answer: b) Worm
Explanation: A worm is a type of malware that spreads autonomously across a network, exploiting security vulnerabilities without requiring user action.
Question 23
Which principle of the CIA triad refers to ensuring that data remains unchanged and accurate during storage and transmission?
a) Availability
b) Confidentiality
c) Integrity
d) Accountability
Correct Answer: c) Integrity
Explanation: Integrity ensures that data remains accurate and unaltered, protecting it from unauthorized modifications during storage or transmission.
Question 24
A healthcare organization fails to encrypt patient records, which leads to unauthorized access. Which regulation did the organization potentially violate?
a) Fair Credit Reporting Act
b) HIPAA
c) Gramm-Leach-Bliley Act
d) CAN-SPAM Act
Correct Answer: b) HIPAA
Explanation: HIPAA requires healthcare organizations to protect patient information, including using encryption to prevent unauthorized access to sensitive health records.
Question 25
A company allows employees to work from home using their personal devices. What is the primary risk associated with this practice?
a) Increased system performance
b) Reduced productivity
c) Increased security vulnerabilities
d) Improved employee satisfaction
Correct Answer: c) Increased security vulnerabilities
Explanation: Allowing employees to use personal devices for work can increase security vulnerabilities, as these devices may not have the same level of security controls as corporate devices.
Question 26
A company gathers user data to improve its AI system but does not obtain user consent. What principle of data privacy is violated in this scenario?
a) Transparency
b) Integrity
c) User consent
d) Accountability
Correct Answer: c) User consent
Explanation: Failing to obtain user consent before collecting personal data violates the privacy principle that individuals must agree to the collection and use of their information.
Question 27
Which type of intellectual property protection is granted for the invention of a new and useful process or machine?
a) Design patent
b) Copyright
c) Utility patent
d) Trademark
Correct Answer: c) Utility patent
Explanation: A utility patent is granted for the invention of a new and useful process, machine, or improvement, giving exclusive rights to the inventor to use, make, or sell the invention.
Question 28
Which law grants U.S. citizens the right to access government records upon request?
a) General Data Protection Regulation (GDPR)
b) Foreign Intelligence Surveillance Act (FISA)
c) Freedom of Information Act (FOIA)
d) Fair Credit Reporting Act
Correct Answer: c) Freedom of Information Act (FOIA)
Explanation: FOIA grants U.S. citizens the right to access government records, promoting transparency and accountability in government activities.
Question 29
A company decides to reverse engineer a competitor’s software to replicate its functionality. What ethical concern does this practice raise?
a) Conflict of interest
b) Lack of transparency
c) Intellectual property infringement
d) Data privacy
Correct Answer: c) Intellectual property infringement
Explanation: Reverse engineering a competitor's software without permission can violate intellectual property rights, leading to legal and ethical concerns.
Question 30
A software development company wants to ensure that its program runs reliably in different environments. What type of testing should it perform?
a) Unit testing
b) Integration testing
c) System testing
d) User acceptance testing
Correct Answer: c) System testing
Explanation: System testing is performed to validate that the entire system works as expected in different environments, ensuring that all components function together correctly.
Question 31
Which ethical challenge is associated with the widespread use of artificial intelligence (AI) in decision-making processes?
a) Increased system performance
b) Algorithmic bias
c) Data transparency
d) Lack of accountability
Correct Answer: b) Algorithmic bias
Explanation: Algorithmic bias is a significant ethical concern in AI, as it can lead to unfair or discriminatory outcomes based on biased training data or flawed algorithms.
Question 32
A company chooses not to implement security patches on its systems to avoid downtime. Which type of risk management strategy is this?
a) Mitigation
b) Transference
c) Avoidance
d) Acceptance
Correct Answer: d) Acceptance
Explanation: Risk acceptance occurs when a company decides to accept the potential risks associated with not addressing a vulnerability, often due to cost or operational concerns.
Question 33
Which form of digital communication is most vulnerable to smishing attacks?
a) Email
b) Social media posts
c) Text messages
d) Online forums
Correct Answer: c) Text messages
Explanation: Smishing is a type of phishing attack that uses text messages to deceive individuals into providing sensitive information, such as passwords or financial details.
Question 34
What is the primary function of a digital signature in secure communications?
a) To encrypt the message
b) To provide non-repudiation
c) To improve system performance
d) To manage system access
Correct Answer: b) To provide non-repudiation
Explanation: A digital signature ensures non-repudiation by verifying the identity of the sender and ensuring that the sender cannot later deny having sent the message.
Question 35
A software developer inflates their resume to claim expertise in areas where they lack experience. What ethical issue does this represent?
a) Conflict of interest
b) Misrepresentation
c) Data integrity
d) Intellectual property theft
Correct Answer: b) Misrepresentation
Explanation: Inflating a resume is an example of misrepresentation, as it involves providing false information to gain a position or advantage.
Question 36
Which ethical principle is violated when a company tracks user behavior online without their knowledge or consent?
a) Data availability
b) Transparency
c) Integrity
d) Accountability
Correct Answer: b) Transparency
Explanation: Tracking user behavior without their knowledge or consent violates the principle of transparency, as users should be informed about how their data is collected and used.
Question 37
A company prioritizes data integrity over other security measures. Which aspect of the CIA triad is being emphasized?
a) Availability
b) Confidentiality
c) Integrity
d) Accountability
Correct Answer: c) Integrity
Explanation: Data integrity ensures that information remains accurate and unaltered, preventing unauthorized changes to critical data during storage or transmission.
Question 38
Which law provides legal protections for trade secrets in the U.S.?
a) Fair Credit Reporting Act
b) Defend Trade Secrets Act
c) Gramm-Leach-Bliley Act
d) Communications Decency Act
Correct Answer: b) Defend Trade Secrets Act
Explanation: The Defend Trade Secrets Act provides federal protection for trade secrets in the U.S., allowing companies to pursue civil remedies for trade secret misappropriation.
Question 39
Which type of malicious code executes its payload when triggered by a specific event or time?
a) Trojan horse
b) Logic bomb
c) Worm
d) Virus
Correct Answer: b) Logic bomb
Explanation: A logic bomb is a type of malicious code that is programmed to execute when triggered by a specific event, such as a particular date or system activity.
Question 40
What is the purpose of the Children’s Internet Protection Act (CIPA)?
a) To regulate online advertising
b) To protect minors from harmful online content
c) To enforce intellectual property rights
d) To enhance data encryption
Correct Answer: b) To protect minors from harmful online content
Explanation: CIPA requires schools and libraries that receive federal funding to implement measures that protect minors from accessing harmful content on the internet.