Тест по теме семинара 6. Законодательство, регулирование, соответствие и расследования (Law & Investigation) 1. A software program would be protected from illegal distribution under what law? A. Trademark B. Copyright C. Trade Secret D. SPA ANSWER. B. Copyright law protects the expression of an idea such as a book, a song, a painting, or even software code. When properly copyrighted, these items cannot be copied or distributed without permission from the owner. While the Software Protection Association (SPA) works hard to protect software vendors from piracy, it is an organization, not a law. Trade secrets protect resources that are proprietary and absolutely necessary for survival. Trademarks are symbols, words, or pictures that uniquely identify something. 2. Which group states that the Internet is a privilege and should be treated and used with respect? A. Computer Ethics Institute B. Internet Architecture Board C. GASSP Committee D. Internet Architecture Board ANSWER. D. The Internet Architecture Board (IAB) is an independent committee comprised of a wide variety of professionals. The board is divided into two specialized groups: the Internet Engineering Task Force (IETF) and the Internet Research Task Force (IRTF). The IAB supports the belief that the Internet is a privilege and should be treated and used with respect. 3. What is one of the items that the G8 has agreed to work together on? A. To fight against cybercrime B. To legislate on economic espionage C. To protect employee privacy rights D. To prosecute software pirates ANSWER. A. Because of the growing occurrences of cybercrime, leading industrial countries and Russia joined together in 2000 to form the organization G8. This group works to develop laws related to cybercrime so that consistent prosecution will take place globally. 4. Which of the following ensures completeness and accuracy of accumulated data? A. Processing control procedures B. Data file control procedures C. Output controls D. Application controls ANSWER. A. Processing controls ensure the completeness and accuracy of accumulated data, for example, editing and run to- run totals. Data file control procedures ensure that only authorized processing occurs to stored data, for example, transaction logs. Output controls ensure that data delivered to users will be presented, formatted and delivered in a consistent and secure manner, for example, using report distribution. Application controls are a general terminology comprising all kinds of controls used in an application. 5. The golden arches of McDonalds are protected under what intellectual property law? A. Trademark B. Trade secret C. Logo Protection Law D. Copyright ANSWER. A. Trademarks can exist in a variety of forms a word, a shape, a graphic, or a phrase. The determining factor is whether or not it alone, represents the larger organization in the eyes of the outside world. McDonalds, for example, is known worldwide for its golden arches. This symbol is an identifier of the restaurant, and thus falls under trademark law. 1 Тест по теме семинара 6. Законодательство, регулирование, соответствие и расследования (Law & Investigation) 6. Which of the following is the GREATEST risk related to the monitoring of audit logs?) A. Logs are not backed up periodically. B. Routine events are recorded. C. Procedures for enabling logs are not documented. D. Unauthorized system actions are recorded but not investigated. ANSWER. D. If unauthorized system actions are not investigated, the log is useless. Not backing up logs periodically is a risk but not as critical as the need to investigate questionable actions. Recording routine events can make it more difficult to recognize unauthorized actions, but the critical events are still recorded. Procedures for enabling and reviewing logs should be documented, but documentation does not ensure investigation. 7. There are different categories for evidence depending upon what form it is in and possibly how it was collected. Which of the following is considered supporting evidence? A. Best evidence B. Corroborative evidence C. Conclusive evidence D. Direct evidence ANSWER. B. Corroborative [подтверждающие] evidence cannot stand alone, but instead is used as supporting information in a trial. It is often testimony indirectly related to the case but offers enough correlation to supplement the lawyers argument. The other choices are all types of evidence that can stand alone. 8. Computer-generated or electronic information is most often categorized as what type of evidence? A. Best B. Hearsay C. Corroborative D. Opinion ANSWER. B. Because computer files and systems can be modified after the fact without others being aware of it, they are considered hearsay evidence. Hearsay evidence is not considered reliable or trustworthy because it is not firsthand evidence. 9. Which type of law punishes the individuals with financial restitution instead of with jail penalties? A. Tort B. Administrative C. Criminal D. Regulatory ANSWER. A. Tort, or civil, law deals only with financial restitution or community service as punishments. Typically, civil lawsuits do not require the degree of burden of proof that criminal cases require. Administrative law deals with government-imposed regulations on large organizations and companies in order to protect the safety and best interest of their employees and customers. 10. Which of the following is an attack that uses tools to intercept electronic communication signals usually passively instead of actively? A. Masquerading B. Social engineering C. Wiretapping D. Salami ANSWER. C. Wiretapping is the act of intercepting electronic signals. Under the U.S. Federal Wiretap Law, it is illegal without a court order. The most common example of wiretapping is with law enforcement agencies. In order for these organizations to legally tap into a suspects line, there must be a court approved order allowing it. 2