29 Questions
What is the primary focus of the (ISC)2 organization?
Development and implementation of information security certifications and credentials
What is the primary mission of the Information Systems Security Association (ISSA)?
To bring together qualified IS practitioners for information exchange and educational development
Which organization concentrates on providing IT control practices and standards?
Information Systems Audit and Control Association (ISACA)
Which organization offers a set of certifications called Global Information Assurance Certification (GIAC)?
System Administration, Networking, and Security Institute (SANS)
Which organization has a code of ethics similar to (ISC)2, ISACA, and ACM?
Information Systems Security Association (ISSA)
Which organization has a focus on auditing, control, and security of information systems?
Information Systems Audit and Control Association (ISACA)
What is the primary purpose of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)?
To protect the privacy and security of individual health information
Which of the following is NOT a regulation mentioned in the text related to privacy or identity protection?
Consumer Credit Protection Act of 1968
According to the Federal Trade Commission's definition, what is a key aspect of identity theft?
Using someone's personal information without their permission to commit fraud or other crimes
What is the primary focus of the Financial Services Modernization Act, also known as the Gramm-Leach-Bliley Act of 1999?
Modernizing financial services regulations across the United States
Which regulation is specifically mentioned as part of the common carrier regulation related to privacy of customer information?
Section of the common carrier regulation
What is the primary purpose of the SAFE Act?
To facilitate law enforcement access to encrypted communications
Which entity is responsible for establishing the National Electronic Technologies (NET) Center under the SAFE Act?
The Department of Justice (DOJ)
What is one of the responsibilities of the NET Center?
Examine encryption techniques to facilitate law enforcement access
According to the SAFE Act, which entities can exchange information and methodology regarding information security techniques and technologies?
Federal, state, and local law enforcement authorities, as well as industry and government entities
Which of the following is NOT a stated responsibility of the NET Center under the SAFE Act?
Develop new encryption algorithms
According to the SAFE Act, what type of information should the NET Center aim to access?
Plaintext of communications and electronic information
What is the primary goal of the Sarbanes-Oxley Act of 2002?
To improve the reliability and accuracy of financial reporting
Which of the following is NOT a principle covered by the U.S. Copyright Law?
Confidential information can be freely shared without permission
What is the purpose of the Freedom of Information Act of 1966 (FOIA)?
To allow access to federal agency records or information not related to national security
What is the consequence of noncompliance with the Sarbanes-Oxley Act of 2002?
Penalties ranging from fines to jail terms
Which of the following statements about the U.S. Copyright Law is correct?
It permits the inclusion of portions of others' work with proper acknowledgment
What additional emphasis will be required due to the Sarbanes-Oxley Act?
Emphasis on confidentiality and integrity
What are the two main common dissemination techniques mentioned in the text?
Hard copy and electronic distribution
What is the purpose of demonstrating that the employee understood the requirements and content of the policy?
Comprehension (understanding)
Which of the following is a common technique used to demonstrate that the employee agrees to comply with the policy?
Logon banners requiring a specific action
What type of law is mentioned in the text?
Civil law
What must the organization be able to demonstrate regarding the enforcement of the policy?
That the policy has been uniformly enforced, regardless of employee status or assignment
What is the purpose of demonstrating that the employee agrees to comply with the policy?
Compliance (agreement)
Test your knowledge on common dissemination techniques and compliance requirements for organizations. Topics include hard copy and electronic distribution, versions for illiterate and reading-impaired employees, and ensuring employee comprehension of policies.