Adrian Leal

ITS 370

Shin-Ping Tucker

CH3

 

1.      What does CISSP stand for? Use the Internet to identify the ethical rules CISSP holders have agreed to follow.

CISSP stands for Certified Information Systems Security Professional. The CISSP is an independent information security certification governed by the International Information Systems Security Certification Consortium.

 

All members are required to commit to fully support these ethical rules. Members who intentionally or knowingly violate any provision of the code will be subject to action by a peer review panel, which may result in the revocation of certification.

 

The rules are:

1. Protect society, the common good, necessary public trust and confidence, and the infrastructure.

2. Act honorably, honestly, justly, responsibly, and legally.

3. Provide diligent and competent service to principals.

4. Advance and protect the profession.

 

2.      For what kind of information security jobs does the NASA recruit? Use the Internet to visit its Web page and find out.

The National Security Agency (NSA) employs wide variety of cyber professionals who safeguard information system assets by defining access privileges, data and control structures and resources and to help exploit the intelligence of adversaries.

 

Some of the jobs they offered include the following:

Computer Network Defense Analyst: Uses information collected from a variety of computer network defense resources (including intrusion detection system alerts, firewall and network traffic logs, and host system logs) to identify, analyze and report events that occur or might occur within the technical environment.

Computer Network Operator: Provides time-sensitive mission support by maintaining situational awareness of potential cyber threats. Leverages technical methods to manage, monitor and execute large-scale operations in response to national security requirements.

Capabilities Development Specialist: Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems. Detects, identifies and describes specific vulnerabilities in a system, network, component or process. Conducts software and systems engineering and software systems development in order to meet required capabilities. https://www.intelligencecareers.gov/nsa/nsacareers.html

 

3.      Using the resources in your library, find out what laws your state has passed to prosecute computer crime.

Misdemeanor Computer Crimes: Offenses against computer data and programs class A misdemeanor; offenses against computers, computer equipment and supplies is class A misdemeanor

Felony Computer Crimes: Offenses against computer data and programs is if offense is to defraud or obtain property, class I; if damage greater than $2500 or act causes interruption or impairment of gov operations or public utility or service, class D; if offense creates risk of death or bodily harm to another, class F; offense against computer, computer equipment or supplies is class I if offense is done to defraud or obtain property; class H if damage is under $2500; and class F if act creates risk of death or bodily harm to another. http://statelaws.findlaw.com/wisconsin-law/wisconsin-computer-crimes-laws.html

 

4.      Using the Web browser, go to www.eff.org. What are the current top concerns of this organization?

The Electronic Frontier Foundation seeks to protect the right of freedom of speech. One of their main concerns at the moment is SESTA. They are trying to send a message to the Congress and stop the new bill they are working on.

 

SESTA would weaken 47 U.S.C. § 230 (commonly known as "CDA 230" or simply “Section 230”), one of the most important laws protecting free expression online. Section 230 protects Internet intermediaries—individuals, companies, and organizations that provide a platform for others to share speech and content over the Internet.  This includes social networks like Facebook, video platforms like YouTube, news sites, blogs, and other websites that allow comments.

 

5.      Using the ethical scenarios presented earlier in this chapter in the Offline feature called “The Use of Scenarios in Computer Ethics Studies,” finish each of the incomplete statements and bring your answers to class to compare them with those of your peers.

1. The scientist’s failure to acknowledge the computer programmer was unprofessional. He developed the theory, but the computer helped with to build the model. Although, the programmer is not the “genius” that created the theory, he deserved that the scientist acknowledged him and his help.

4. The customer’s decision to keep the word-processing program was unmoral because he probably had the money to pay for it, or a similar word-processing program at home already. He should have contacted the vendor.

7. The student’s use of the company computer was intelligent because they had the programs the he needed and he did his homework during break times. Although, it could have been dangerous for the security and the integrity of the company’s private information since doing homework is not the purpose of those computers.

11. The manager’s actions were unethical and probably a crime. He took advantage of the competitor by “using” their service. His actions probably helped his own businesses since it made look a competitor like they do not know how to keep their site safe.