Pricinples of Information Security, Chapter 3 Review Questions

Week 2, Chapter 3 Name:

-------------------------------------------------

Review Questions p. 114

Assignment 3         

1. What is the difference between law and ethics?

Laws are formally adopted rules for acceptable behavior in modern society. Ethics are socially acceptable behaviors.

The key difference between laws and ethics is that laws carry the authority of a governing body, and ethics do not. Ethics in turn are based on cultural mores: the fixed moral attitudes or customs

of a particular group. Some ethical standards are universal. For example, murder, theft, assault, and arson are actions that deviate from ethical and legal codes throughout the world.

2. What is civil law, and what does it accomplish?

Civil law comprises a wide variety of laws that govern a nation or state and deal with the relationships and conflicts between organizational entities and people.

3. What are the primary examples of public law?

criminal, administrative, and constitutional law

4. Which law amended the Computer Fraud and Abuse Act of 1986, and what did it change?

the National Information Infrastructure Protection Act of 1996, which modified several sections of the amended the Computer Fraud and Abuse Act of 1986 and increased the penalties for selected crimes. The punishment for offenses prosecuted under this statute varies from fines to imprisonment up to 20 years, or both. The severity of the penalty depends on the value of the information obtained and whether the offense is judged to have been committed:

1. For purposes of commercial advantage

2. For private financial gain

3. In furtherance of a criminal act

5. Which law was specifically created to deal with encryption policy in the United States?

The Security and Freedom through Encryption Act of 1999

6. What is privacy in an information security context?

Privacy in an information system refers to how the information that you supply will be protected. Will the information...