Kim Mattson

ITS 370

CH3

 

1.       What does the CISSP stand for? Use the internet to identify the ethical rules CISSP holders have agreed to follow.

CISSP stands for Certified Information Systems Security Professional.

There is four main areas of ethics required for the certification. The first one covers promoting public trust with information and systems, understanding proper information security measures, and strengthen the integrity of the infrastructure.

The second area is to always act honestly, objectively, responsibly and legally.

The third ethical rule is to provide diligent and competent service to principals.

The last rule is to advance and protect the profession.

 

2.       For what kind of information security jobs does the NSA recruit? Use the Internet to visit its Web page and find out

 

The NSA recruits for jobs in Computer Network Defense Analyst, Computer Network Operator, Network Vulnerability Analyst, and Software Engineer.

 

3.       Using the resources in your library, find out what laws your state has passed to prosecute computer crime.

Minn. Stat. 609.87 to 609.893 are Minnesotaís computer crime statute. It is based on the federal crime statute. It addresses unauthorized access, hacking, viruses and Malware related crimes.

4.       Using a Web browser, go to www.eff.org. What are the current top concerns of this organization?

The Electronic Frontier Foundation is focusing on the spearphishing campaign aimed at digital civil liberties, the Department of Homeland Security monitoring immigrants and foreign visitorsí social media activity, and a border surveillance bill.

 

5.       Using the ethical scenarios presented earlier in this chapter in the Offline feature called ďThe Use of Scenarios in Computer Ethics Studies,Ē finish each of the incomplete statements and bring your answers to class to compare them with those of your peers.

1.       The scientistís failure to acknowledge the computer programmer was unethical

2.       The programmerís decision not to point out the design flaws was very unethical.

3.       The studentís action in searching for the loophole was neither.

The student action in continuing to access otherís records for two weeks was very unethical.

The system administratorís failure to correct the problem sooner was neither.

4.       The customerís decision to keep the word processing program was very unethical.

5.       The programmerís modification of the accounting system was very unethical.

6.       The programmerís weekend use of the company computer was neither.

7.       The studentís use of the company computer was neither.

If the student had done her homework during company time, it would have been unethical.

8.       If the student destroyed her copy of the software at the end of the term, her action in copying the software was very unethical.

If the student forgot to destroy her copy of the software at the end of the term, her action in copying the software was unethical.

If the student never intended to destroy her copy of the software at the end of the term, her action in copying the software was very unethical.

9.       The studentís action in downloading the games were unethical.

The studentís action in downloading the programs were very unethical.

The studentís action in sharing the programs and games with his friends were very unethical.

10.   The programmerís position in this situation is ethical.

The engineerís position in this situation is neither.

11.   The mangers actions were very unethical.

12.   The studentís action of infecting hundreds of usersí flash drives was very unethical.

13.   If the virus program output the message ďHave a nice day,Ē then the studentís action of infecting hundreds of usersí flash drives was unethical.

If the virus erased files, then the studentís action of infecting hundreds of usersí flash drives would have been very unethical.