The Privacy Rule The HIPAA _________________ dictates how covered entities must protect the privacy of personal health information
Trade Secrets A ______________ protects the formulas, processes, methods, and information that give a business a competitive edge
Admissible Evidence A judge or jury can consider only _______________ evidence when deciding cases
Property Interest A legal owner of property has the right to use that property in any way they want to, and the power to give those rights to another. This is called _____________.
Trademark _____________ are used to protect words, logos, and symbols that identify a product or service
HIPAA "Health Insurance Portability and Accountability Act" - Before ____________________, many workers experienced "job lock" and were afraid that they would lose health care benefits if they changed jobs. - ____________________ was created by Congress to make health insurance portable. - ___________________ forbids a new employer's health plan from denying health coverage for some reasons and prohibits discrimination against workers based on certain conditions such as pregnancy.
protected health information (PHI) PHI refers to:
Federal Rules of Evidence At the federal level, what is the name of the main guidance regarding the submission of evidence at trial
computer forensic examiner certifications CCE, CCFE, CFCE, and GCFA are all examples of:
COBRA benefits 18 months
California's Database Security Breach Notification Act The __________________ was created after a security breach at a state-operated data facility.
Federal Information Security Management Act (FISMA) Congress created the _____________ in response to the September 11, 2001, terrorist attacks.
FISMA "Federal Information Security Management Act" Congress created the ______________ in response to the September 11, 2001, terrorist attacks.
guilt beyond a reasonable doubt - If a criminal case goes to trial, the government must prove the defendant's guilt beyond a reasonable doubt. Though reasonable doubt doesn't mean that a juror is 100 percent convinced of the defendant's guilt, it does mean that a juror must be fully satisfied that the prosecution has eliminated reasonable doubt about the defendant's guilt. TRUE
Digital Millennium Copyright Act In 1998, Congress passed the _________________________. This law helps protect copyrights in the multimedia world. It also contains provisions that help insulate Internet service providers from the actions of their customers
OMB - In May 2007, the _________________________________ required all federal agencies to create a breach notification plan. This instruction was issued in response to a large data breach at the Department of Veterans Affairs.
Computer Fraud and Abuse Act - In a situation where phishing attackers attempt to steal personal information, which of the following federal acts can be used to prosecute such a crime? - What is the first piece of federal legislation that identified computer crimes as distinct offenses
Intentional torts - Intentional torts most often occur when the defendant intended to commit the tort. Most torts involving _______________________ are intentional torts. Computers and cyberspace
Arraignment - Once a grand jury returns an indictment, the next step in the criminal process is the arraignment. After this hearing, a court must inform the defendant about the charges and advise the defendant about his or her legal and constitutional rights. TRUE
intellectual property Patents, trademarks, and copyrights are all types of _________________.
SOX section 302 SOX ______________ requires CEOs and CFOs to certify a company's SEC reports
SOX section 906 SOX _______________ imposes criminal liability for fraudulent financial certifications
"SOX" - Sarbanes-Oxley Act - The Enron scandal and similar corporate scandals led to the creation of which of the following? - The main goal of ______________ is to protect shareholders and investors from financial fraud
State Courts, Federal Courts, International laws - Federal courts can hear only the following kinds of cases: 1) Disputes regarding federal laws or constitutional issues and 2) Disputes between residents of different states where the amount of money in controversy is greater than $75,000. (True) - The Supreme Court has exclusive original jurisdiction to decide cases about disputes between state governments and exercises this original jurisdiction with frequency. (FALSE) - The U.S. Supreme Court is the final source of authority for issues involving U.S. federal laws. (TRUE)
After the ChoicePoint breach, 46 states, including the District of Columbia, have created breach notification laws. Although most states used the California law as a model, there are some differences. Which of the following is not one of the differences? - maximum requirements for encryption
Sarbanes-Oxley Act The main goal of ______________ is to protect shareholders and investors from financial fraud.
The Public Company Accounting Oversight Board - The Public Company Accounting Oversight Board has five members. The SEC selects these members and appoints them to staggered terms. All members must be CPAs. FALSE
Identity Theft and Assumption Deterrence Act The _______________ makes identity theft a federal crime.
Office of Management and Budget (OMB) The ______________________ requires all federal agencies to create a breach notification plan.
Office of Foreign Assets Control (OFAC) - The ________________ enforces trade sanctions and embargoes and prohibits trade with certain people in other countries. The ______________________ enforces trade sanctions and embargoes
PATRIOT Act - The federal government uses the PATRIOT Act to prosecute many different computer crimes, as when it charged a 20-year-old University of Tennessee student with unauthorized e-mail access. In late 2008, the student accessed vice presidential candidate Sarah Palin's personal Yahoo! e-mail account. The student then posted her e-mail messages online. FALSE
The primary goal of computer forensics is to: Find evidence that helps investigators analyze an event or incident
Gramm-Leach-Bliley Act (GLBA) - The rules stated in the Gramm-Leach-Bliley Act (GLBA) require that entities engaged in certain kinds of financial transactions follow privacy and information security rules that are designed to protect customers' personal information. TRUE
mens rea, actus reus, causation To prove a crime has been committed, a government must prove which of the following?
Tortious conduct - Tortious conduct is wrongful conduct that is unreasonable given the situation. TRUE
internal controls over financial reporting (ICFR) - _______________ are the processes and procedures that a company uses to provide reasonable assurance that its financial reports are reliable
E-Government Act of 2002 - Under the ____________________, federal agencies must 1) review their IT systems for privacy risks; 2) post privacy policies on their Web sites; 3) post machine-readable privacy policies on their Web sites; and 4) report privacy activities to the OMB.
Patents - Which of the following has the longest period of protection? - Unlike ______________, trade secrets aren't registered. A person or business doesn't have to meet any registration or procedural formalities for protection
best evidence rule that the original documents be used at trial
Daubert What is a test for measuring the reliability of a scientific methodology
Volatile What is the name of data that is stored in memory
Fruit of the Poisonous Tree Which doctrine prevents the government from using illegally gathered evidence at a criminal trial?
International Traffic in Arms Regulations (ITAR) Which of the following are types of export control regulations?
Export Administration Regulations (EAR) Which of the following are types of export control regulations?
Form 8-K disclosure requirement acquiring an inheritance
Locard's exchange principle People leave trace evidence whenever they interact with other people and with their surroundings
Which of the following items is not part of the in "SP 800-37, Revision 1, Guide for monitor security controls only when necessary
SOC-1 Which of the following reports, which generally are shared only between the organizations that are doing business with one another, are used by auditors to assess the ICFR at one entity that does business with another entity?
Strict liability _________________ means that an inventor can hold an infringer liable for violating a patent even if the infringer acted unwittingly
Utility __________________________ patents are used for inventions and discoveries related to machines, manufactured products, processes and compositions of matter
Export control regulations __________________ restrict the transmission of certain types of information to non-U.S. citizens or non-permanent residents who are located in the United States
Intellectual property law Patents, trademarks, and copyrights are all types of _________________
International Association of Computer Investigative Specialists (IACIS) ...
Subordinate plans __________________________ must be in place for securing networks, facilities, and systems or groups of IT systems. They are intended for technologies or system components that are a part of the larger information security program.
Internal controls ______________________ are the processes and procedures that a company uses to provide reasonable assurance that its financial reports are reliable
Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) _______________________ covers unsolicited commercial e-mail messages and requires commercial e-mail senders to meet certain requirements
Sixth Which amendment to the U.S. Constitution guarantees defendants a speedy trial?
Tort _______________ law uses the reasonable person standard to determine whether a person acted appropriately
Cybersquatting The bad faith registration of a domain name that's a registered trademark or trade name of another entity is referred to as
it must be distinctive A trademark has two criteria: 1) it must be used in interstate commerce and 2) _____________________
Design _______________ patents protect the visual appearance of a product
National Institute of Standards and Technology (NIST) FISMA requires the Department of Commerce to create information security standards and guidelines. To which of the following organizations did the Department of Commerce delegate this responsibility?
Computer Security Act (CSA) What was the first federal law to address federal computer security?
States have different laws about what constitutes a breach. Which of the following statements summarizes why a breach notification is hard for entities?
safe harbor What is a legal concept that protects an entity from legal liability and is written into the law? Entities that encrypt the personal information that they own or maintain do not have to follow the notification requirements of this concept if they have a data breach.
student ID Which of the following does not count as personal information, as designated by California's Database Security Breach Notification Act?
what the greatest economic advantage will be to the national market as it relates to the area under consideration Which of the following conditions is not taken under consideration by Congress when determining if an area is ripe for federal legislation?
It attempts to regulate businesses outside of Massachusetts by requiring businesses to encrypt the personal data of Massachusetts residents Massachusetts' "Standards for the Protection of Personal Information of Residents of the Commonwealth" was released in September 2008 and is known for being "unique" in terms of its data protection standard. Which of the following statements best captures that uniqueness?
California What was the first state to have a breach notification law?
disclosures made to carry out treatment, payment, and health care activities A covered entity doesn't have to account for every PHI disclosure that it makes. The Privacy Rule states that some kinds of disclosures don't have to be included in an accounting. Any disclosure not specifically excluded must be included and tracked. Which of the following disclosures does not need to be tracked?
potential employers Which of the following parties is not among those who would share an individual's health information?
Security Rule The HIPAA ______________________ states how covered entities must protect the confidentiality, integrity, and availability of electronic personal health information.
requires former employers to continue paying health insurance premiums for a minimum of one year Which of the following is not true about the Consolidated Omnibus Budget Reconciliation Act of 1986?
HIPAA regulates discrimination based on health history while COBRA ensures health coverage continues Which of the following is true about COBRA and HIPAA?
Public companies are required to file one comprehensive financial disclosure statement with the SEC. Which of the following was not one of the outcomes of the Enron scandal?
how long the company has been in existence SOX requires the SEC to review a public company's Form 10-K and Form 10-Q reports at least once every three years. It must do this to try to detect fraud and inaccurate financial statements that could harm the investing public. SOX states the factors that the SEC should consider when deciding to conduct a review. Which of the following is not one of the factors that SEC must consider?
balance sheet A company's _______________________ provides a summary of the company's financial condition at a certain period.
three The U.S. Securities and Exchange Commission reviews a public company's Form 10-K at least once every ____________ years
Analyst Conflicts of Interest (Title V) Which of the following SOX titles establishes rules to make sure that securities analysts can give independent opinions about a public company's stock risk?
According to California law, entities don't need to give notice of a breach if the personal information in their computer system was encrypted; thus they are granted safe harbor. TRUE
Because Congress can't usually interfere in state matters, it can't create a uniform federal law in areas legislated by the states unless there's a compelling reason to do so. Thus, there is no existing federal law on information security. TRUE
California's Database Security Breach Notification Act law requires entities to notify California residents whenever a security breach occurs without any delays in notification if they reasonably believe that a breach has occurred. FALSE
FISMA requires federal agencies to secure national security systems using a risk-based approach, but this does not apply to ________________ information. classified
In general, many states criminalize the same behavior that federal cybercrime laws address TRUE
Although California law doesn't assess any penalties against an entity that doesn't follow the notification law, it does permit a person a private cause of action against those entities. People can sue the private entity for any damages they have because they didn't receive notification in a timely manner. TRUE
California Database Security Breach Notification Act - The _____________________ was created after a security breach at a state-operated data facility. - The purpose of the _________________ was to give state residents timely information about a breach so that they can protect themselves
There's a growing trend in states such as California and North Carolina to specify the types of information that should be included in a breach notice. Such content should be sure to fit the following criteria: describe the incident in general terms; describe the type of personal information that was involved in the breach; describe how the entity is going to protect the personal information from additional unauthorized access; and advise the person being notified to review his or her account statements and purchase access to his/her credit report from a recommended list of vendors. FALSE
Under SEC rules, internal controls over financial reporting (ICFR) are processes that provide reasonable assurance that financial reports are reliable. Which of the following is NOT assured by the ICFR IT controls that contain financial data are maintained
Which doctrine prevents the government from using illegally gathered evidence at a criminal trial? Fruit of the Poisonous Tree
Which of the following is not a reason an examiner might reject a trademark? The proposed trademark may disparage or falsely suggest a connection with persons who have been dead less than 100 years
Which of the following is not an exception to the Fourth Amendment's search warrant requirement Interference
Which of the following is not one of the federal information security challenges the federal CIO spoke of at the House of Representatives subcommittee meeting in March 2010 the culture within the federal government of not complying with reporting requirements
When performing computer forensics, what is a potential source of digital evidence? Cell Phone
What is an example of the exclusionary rule? The exclusionary rule usually applies to suppression of physical evidence (for example, a murder weapon, stolen property, or illegal drugs) that the police seize in violation of a defendant's Fourth Amendment right not to be subjected to unreasonable search and seizure.
What is the main purpose of the exclusionary rule? American courts use the exclusionary rule to deter police officers and other government agents from abusing constitutional rights. According to the rule, courts will suppress evidence that the government obtains through unconstitutional conduct—often an unlawful search or seizure.
What are the 3 exceptions to the exclusionary rule? Three exceptions to the exclusionary rule are "attenuation of the taint," "independent source," and "inevitable discovery."
What is illegally obtained evidence? Another example of illegally obtained evidence would be if someone was at another person's house and the police came in and executed an illegal search and found something illegal on the person who was visiting.