Lesson/Domain 8: Law, investigation and ethics


Quiz

1. A software program is protected from illegal distribution under what law? a. Trademark b. Copyright c. Trade Secret d. SPA

2. Which group states that the Internet is a privilege, and should be treated and used with respect? a. Computer Ethics Institute b. (ISC)2 c. GASSP Committee d. Internet Architecture Board

3. On which of the following issues has the G8 agreed to work together? a. The fight against cybercrime b. Legislation on economic espionage c. Protection of employee privacy rights d. Prosecution of software pirates

4. An edict stating that all evidence be labeled with information about who secured it and who validated it is called _______________. a. CERT b. Chain of custody c. Direct evidence d. Incident response policy

5. The golden arches of McDonald’s are protected under what intellectual property law? a. Trademark b. Trade secret c. Logo protection d. Copyright

6. Which is not true of the Federal Sentencing Guidelines, which were enacted in 1991? a. Developed specifically to address white-collar crimes b. Detailed the specific responsibilities of senior executives within companies c. Established a maximum fine of $100 million d. Encouraged the implementation of security policies and a security program

7. There are different categories for evidence depending upon what form it is in and possibly how it was collected. Which of the following is considered supporting evidence? a. Best evidence b. Corroborative evidence c. Conclusive evidence d. Direct evidence

8. Computer-generated or electronic information is most often categorized as what type of evidence? a. Best b. Hearsay c. Corroborative d. Opinion

9. Which type of law punishes the individuals with financial restitution instead of jail penalties? a. Tort b. Administrative c. Criminal d. Regulatory

10. Which of the following is an attack that uses tools to intercept electronic communication signals usually passively instead of actively? a. Masquerading b. Social engineering c. Wiretapping d. Salami

11. If a waiter tells his friends how the restaurant’s famous secret sauce is made, what law has he violated? a. No law was violated b. Trademark c. Trade secret d. Copyright

12. What is the first step in forensic analysis at a cybercrime scene? a. Execute the primary programs on the computer to obtain more information b. Capture log files on the computer c. Notify customers of potential outages d. Capture a complete image of the system

13. Which organization posts four primary Code of Ethics canons involving societal protection, individual honorability, diligent service and professional development? a. Computer Ethics Institute b. (ISC)2 c. Internet Ethics Board d. Internet Activities Board

14. Witness testimony would be classified as what type of evidence? a. Real b. Secondary c. Best d. Conclusive

15. Which of the following would protect a senior executive in a liability lawsuit brought on by an employee? a. He is able to demonstrate that due diligence and due care were established and followed. b. He was on vacation during the incident. c. The incident was not covered in the company’s security policy. d. The employee was not in good standing.

Answers:

1. B. Copyright law protects the expression of an idea such as a book, song, painting or even software code. When properly copyrighted, these items cannot be copied or distributed without permission from the owner. While the Software Protection Association (SPA) works hard to protect software vendors from piracy, it is an organization, not a law. Trade secrets protect resources that are proprietary and absolutely necessary for survival. Trademarks are symbols, words or pictures that uniquely identify something.

2. D. The Internet Architecture Board (IAB) is an independent committee comprised of a wide variety of professionals. The board is divided into two specialized groups: the Internet Engineering Task Force (IETF) and the Internet Research Task Force (IRTF). The IAB supports the belief that the Internet is a privilege and should be treated and used with respect.

3. A. Because of the growing occurrences of cybercrime, leading industrial countries and Russia, which make up the G8, have started to lay out procedures for working together when computer crimes take place across country boundaries.

4. B. A thorough and accurate chain of custody record is critical in an investigation process. The process includes labeling physical evidence and compiling a complete history of how evidence was collected, analyzed, transported and preserved.

5. A. Trademarks can exist in a variety of forms: a word, shape, graphic or phrase. The determining factor is whether or not it alone represents the larger organization in the eyes of the outside world. McDonald’s, for example, is known worldwide for its golden arches. This symbol is an identifier of the restaurant and thus falls under trademark law.

6. C. Because laws and sentencing guidelines were not addressing white-collar crimes related to technology, the Federal Sentencing Guidelines were developed. These guidelines targeted the assumed responsibilities of senior executives and imposed maximum fines of $290 million per instance. However, these fines could be avoided if companies could prove proper due diligence and due care, and the existence of company-wide security policies and programs.

7. B. Corroborative evidence cannot stand alone, but instead is used as supporting information in a trial. It is often testimony indirectly related to the case but offers enough correlation to supplement the lawyer’s argument. The other choices are all types of evidence that can stand alone.

8. B. Because computer files and systems can be modified after the fact without others being aware of it, they are considered hearsay evidence. Hearsay evidence is not considered reliable or trustworthy because it is not firsthand evidence.

9. A. Tort, a type of civil law, deals only with financial restitution or community service as punishments. Typically, civil lawsuits do not require the degree of burden of proof that criminal cases require. Administrative law deals with government-imposed regulations on large organizations and companies in order to protect the safety and best interest of their employees and customers.

10. C. Wiretapping is the act of intercepting electronic signals. Under the U.S. Federal Wiretap Law, it is illegal without a court order. The most common example of wiretapping is with law enforcement agencies. In order for these organizations to legally tap into a suspect’s line, there must be a court-approved order allowing it.

11. C. A trade secret can be many things, but the cardinal rule is that it must provide the company with a competitive advantage. A restaurant’s secret sauce would qualify as a trade secret, which means it could prosecute the waiter for violating the law.

12. D. The first step in a forensic investigation is to make a copy of the hard drive. This method ensures that the original system is not altered in any way during the investigation process.

13. B. The (ISC)2 demands that its members follow four main canons of ethics. The canons listed on their Web site (www.isc2.org) are:

• Protect society, the commonwealth and the infrastructure.

• Act honorably, honestly, justly, responsibly and legally.

• Provide diligent and competent service to principals.

• Advance and protect the profession.

14. B. Secondary evidence is not as reliable as best evidence and may need supporting evidence. Typically, oral evidence like testimonies is placed in this category. Also, copies of documents are considered secondary in nature. The other choices are all types of evidence that can stand alone.

15. A. The Federal Sentencing Guidelines were developed to establish more detail in what is expected of executives within companies. It promotes consistent due diligence and due care by the management team. If the executive can prove that proper due diligence and due care were practiced, then it is conceivable that he would not be liable in the suit.
