31.
Which criminal law was the first to implement penalties for the creators of viruses, worms,
and other types of malicious code that cause harm to computer system(s)?
- A.Computer Security Act
- B.National Infrastructure Protection Act
- C.Computer Fraud and Abuse Act
- D.Electronic Communications Privacy Act
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| The Computer Fraud and Abuse Act, as amended, provides criminal and civil penalties for those individuals convicted of using viruses, worms, Trojan horses, and other types of malicious code to cause damage to computer system(s). |
32.
Which law first required operators of federal interest computer systems to undergo periodic
training in computer security issues?
- A.Computer Security Act
- B.National Infrastructure Protection Act
- C.Computer Fraud and Abuse Act
- D.Electronic Communications Privacy Act
- Answer & Explanation
- Report
Answer : [A]
Explanation :
Explanation :
| The Computer Security Act requires mandatory periodic training for all people involved in managing, using, or operating federal computer systems that contain sensitive information. |
33.
What type of law does not require an act of Congress to implement at the federal level but
rather is enacted by the executive branch in the form of regulations, policies, and procedures?
- A.Criminal law
- B.Common law
- C.Civil law
- D.Administrative law
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
| Administrative laws do not require an act of the legislative branch to implement at the federal level. Administrative laws consist of the policies, procedures, and regulations promulgated by agencies of the executive branch of government. Although they do not require an act of Congress, these laws are subject to judicial review and must comply with criminal and civil laws enacted by the legislative branch. |
34.
Which federal government agency has responsibility for ensuring the security of government
computer systems that are not used to process sensitive and/or classified information?
- A.National Security Agency
- B.Federal Bureau of Investigation
- C.National Institute of Standards and Technology
- D.Secret Service
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| The National Institute of Standards and Technology (NIST) is charged with the security management of all federal government computer systems that are not used to process sensitive national security information. The National Security Agency (part of the Department of Defense) is responsible for managing those systems that do process classified and/or sensitive information. |
35.
What is the broadest category of computer systems protected by the Computer Fraud and
Abuse Act, as amended?
- A.Governmentâowned systems
- B.Federal interest systems
- C.Systems used in interstate commerce
- D.Systems located in the United States
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
| The original Computer Fraud and Abuse Act of 1984 covered only systems used by the government and financial institutions. The act was broadened in 1986 to include all federal interest systems. The Computer Abuse Amendments Act of 1994 further amended the CFAA to cover all systems that are used in interstate commerce, including a large portion (but not all) of the computer systems in the United States. |
|
|
||||||||||||||||||||||||||||
