Exercises

1.) What does CISSP stand for? Use the internet to identify the ethical rules CISSP holders have agreed to follow.

CISSP stands for Certified Information Systems Security Professional. A few ethical rules that they must follow are protect society, the common good, and promote public trust and confidence, and infrastructure. They also must act honorably, honestly, responsibly, and legally. lastly, they must provide diligent and competent service.

2.) For what kind of information security jobs does NSA recruit? Use the internet to visit its web page and find out.

There are a lot of information security jobs the NSA are trying to hire but are few of them are; Digital Network Exploitation Analyst, Computer Network Operator, Cyber Network Professionals, and National Security Agency Civil Liberties and Privacy Officer.

Case Exercises

1.) Should Iris have approached Henry directly, or was the hotline the most effective way to take action? Why do you think so?

I think the hotline was the best way to do this, because if Iris confronted Henry she could put her life in danger and Henry could harm her. Also, the hotline is the easiest and safest way for Iris to bring this information to the higher-ranking officers in SLS.

2.) Should Gladys call the legal authorities? Which agency should she call?

I think Glady should call the legal authorities and the agency she should call is FBI to investigate this crime and find out if anyone else is involved.

3.) Do you think this matter needs to be communicated elsewhere inside the company? Who should be informed and how? How about outside the company?

I think this matter should be communicated with the people in charge of the information security department because they can go through and see who else could be stealing company secrets inside the company. They should be informed by either face to face interaction or on a private and secured phone line. The only people that should be informed about this outside the company would have to be a private investigation company.  

Ethic Decision Making

It seems obvious that Henry is doing something wrong. Do you think Henry acted in an ethical manner? Did Iris act in an ethical manner by determining the owner of the flash driver? Assuming that this incident took place in the United States, what law or laws did Henry violated? Suppose Iris had placed the flash drive back at the coffee station and forgotten the whole thing. Explain why her action would have been ethical or unethical.

Henry did not act in an ethical manner because he stole and sold company information to an outside source. I don’t think Iris acted in an ethical manner determining the owner of the flash drive because the opened the flash drive on her computer and looked through Henry’s records which is an invasion of privacy. The law/laws that Henry violated was the National Information Infrastructure Protection act and copyright law. If Iris placed the flash drive back where she found it after looking at the information and learn about what Henry was doing would have been unethical because she is letting someone who is committing a crime get away with it, and that information could be people SSN, bank information, and other personal information.