Saint Leo COM504 Module 4 Exam 2 (Perfect Answer)
Question

Question 1 (2.5 points)

__________ are tools that filter offensive content.

Question 1 options:

Spam blockers

Technology protection measures (TPM)

Network databases

Proxy servers

Question 2 (2.5 points)

To be COPPA-compliant, a privacy policy must provide “assurance that participation is not conditioned on data collection.” Which of the following statements offers the best explanation of this criterion?

Question 2 options:

A Web site can’t require children to submit contact details in order to be allowed to use the site. Web sites are not allowed to collect more information than necessary for a child to participate in an activity.

The Web site must state whether collected information is shared with a third party.

Web sites must state how the information will be used. It must be specific.

This includes the name, mailing address, telephone number, and e-mail address of all operators collecting or using the information collected on the Web site.

Question 3 (2.5 points)

Some people believe that COPPA requirements violate freedom of speech without censorship guaranteed by the __________ Amendment.

Question 3 options:

First

Second

Fourth

Seventh

Question 4 (2.5 points)

The __________ protects the personal information of children online.

Question 4 options:

Family Educational Rights and Privacy Act (FERPA)

Health Insurance Portability and Accountability Act (HIPAA)

Children’s Internet Protection Act (CIPA)

Children’s Online Privacy Protection Act (COPPA)

Question 5 (2.5 points)

Collection and use of a child’s personal information such as name, e-mail address, or social security number by a Web site operator is governed by:

Question 5 options:

FERPA

HIPAA

CIPA

COPPA

Question 6 (2.5 points)

Which of the following is not one of the rights that parents are guaranteed under COPPA?

Question 6 options:

Parents also can request that a Web site operator delete data held on their children.

The Web site must re-notify parents whenever it changes its data collection and use procedures.

Parents must be allowed to review information collected from their children.

Parents will be notified by a Web site if it is collecting an e-mail address to respond to a one-time request from a child.

Question 7 (2.5 points)

In which of the following circumstances would a library need to disable a TPM?

Question 7 options:

At the request of an adult to view content for research or other lawful purpose

At the request of a child with a document of written consent from his/her parent

At the request of anyone over the age of 17

At the request of any school official

Question 8 (2.5 points)

Which of the following best defines a technology protection measure (TPM)?

Question 8 options:

It is any technology that can block or filter the objectionable content.

It is technology that provides monitoring protocols that track a child’s online activities.

It is technology that offers age-verification protocols that restrict online access to adults.

It is technology that accepts Internet requests from clients, retrieves the pages, and serves them to the client.

Question 9 (2.5 points)

__________ was created by Congress to make health insurance portable.

Question 9 options:

CIPA

HIPAA

HITECH Act

FERPA

Question 10 (2.5 points)

Regarding pre-existing conditions, HIPAA:

Question 10 options:

only allows employer-provided health plans to look back six months for pre-existing conditions.

neither A nor B

in most instances limits the amount of time health plans can require an individual to “sit out” of coverage to no more than 12 months.

both A and B

Question 11 (2.5 points)

The U.S. Securities and Exchange Commission reviews a public company’s Form 10-K at least once every __________ years.

Question 11 options:

four

two

three

five

Question 12 (2.5 points)

The main goal of the __________ is to protect shareholders and investors from financial fraud.

Question 12 options:

Sarbanes-Oxley Act (SOX)

Gramm-Leach-Bliley Act

Securities and Exchange Commission

Public Company Accounting Oversight Board

Question 13 (2.5 points)

Which of the following parties is not among those who would share an individual’s health information?

Question 13 options:

Government agencies like Medicaid or Medicare

Insurance companies

Treatment providers

Potential employers

Question 14 (2.5 points)

All of the following are types of information included on a Form 10-K except:

Question 14 options:

financial statements.

explanation of how the company is organized and operates.

auditor’s report.

lists of employees and subcontractors.

Question 15 (2.5 points)

The HIPAA __________ dictates how covered entities must protect the privacy of personal health information.

Question 15 options:

Privacy Rule

Red Flag Rule

Information Security Rule

Health Information Protection Rule

Question 16 (2.5 points)

The __________ enforces trade sanctions and embargoes and prohibits trade with certain people in other countries.

Question 16 options:

Department of Defense (DoD)

Department of Commerce

Office of Management and Budget (OMB)

Office of Foreign Assets Control (OFAC)

Question 17 (2.5 points)

__________ restrict(s) the transmission of certain types of information to non-U.S. citizens or non-permanent residents who are located in the United States.

Question 17 options:

Import control regulations

Social media sites

Export control regulations

The Office of International Information Transference

Question 18 (2.5 points)

Which of the following was not one of the outcomes of the Enron scandal?

Question 18 options:

Public companies are required to file one comprehensive financial disclosure statement with the SEC.

The SEC began to require that the accuracy of financial statements be certified in a number of different ways.

The SEC began to require more information to be reported on its financial statements.

Investors started to significantly lose confidence in large public companies.

Question 19 (2.5 points)

__________ are the processes and procedures that a company uses to provide reasonable assurance that its financial reports are reliable.

Question 19 options:

Internal controls

Risk assessment

Disclosure controls

External controls

Question 20 (2.5 points)

What was the first federal law to address federal computer security?

Question 20 options:

Computer Security Act (CSA)

The E-Privacy Act

Federal Information Security Management Act (FISMA)

Sarbanes-Oxley Act (SOX)

Question 21 (2.5 points)

The __________ was created by Congress to protect data collected by the government.

Question 21 options:

Federal Information and Security Management Act (FISMA)

Computer Security Act (CSA)

E-Government Act of 2002

Privacy Act of 1974

Question 22 (2.5 points)

Which of the following items is not part of “SP 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach” that NIST uses to create a risk management framework (RMF) approach to FISMA compliance?

Question 22 options:

Implement security controls in IT systems

Select minimum security controls

Categorize IT systems

Monitor security controls only when necessary

Question 23 (2.5 points)

Under the __________, federal agencies must (1) review their IT systems for privacy risks, (2) post privacy policies on their Web sites, (3) post machine-readable privacy policies on their Web sites, and (4) report privacy activities to the OMB.

Question 23 options:

Privacy Act of 1974

Federal Information and Security Management Act (FISMA)

E-Government Act of 2002

Computer Security Act (CSA)

Question 24 (2.5 points)

__________ must be in place for securing networks, facilities, and systems or groups of IT systems. They are intended for technologies or system components that are a part of the larger information security program.

Question 24 options:

Security awareness training

Subordinate plans

Policies and procedures

Testing and evaluation

Question 25 (2.5 points)

FISMA requires federal agencies to secure national security systems using a risk-based approach, but this does not apply to __________ information.

Question 25 options:

personally identifiable

intellectual property

sensitive

classified

Question 26 (2.5 points)

FERPA has four main requirements: Annual notification, access to education records, amendment of education records, and disclosure of education records.

Question 26 options:

True

False

Question 27 (2.5 points)

Medical identity thieves exclusively consist of computer hackers or members of organized crime rings.

Question 27 options:

True

False

Question 28 (2.5 points)

Covered entities must respond to a person’s request to access PHI within a specific period. The rule requires covered entities to respond in 60 days.

Question 28 options:

True

False

Question 29 (2.5 points)

An Internet safety policy must educate minors about appropriate online behavior. This includes how to use social networking Web sites and chatrooms safely. The policy must include information on how to recognize cyberbullying. It also must tell minors how to respond to cyberbullying.

Question 29 options:

True

False

Question 30 (2.5 points)

The Federal Communications Commission (FCC) mandates that a TPM should be 100 percent effective. This effectiveness is determined by the CIPA and the FCC.

Question 30 options:

True

False

Question 31 (2.5 points)

Covered entities must keep records of how they disclose a person’s PHI. Under the Privacy Rule, a person has the right to receive an accounting of how the covered entity has used or disclosed the person’s PHI.

Question 31 options:

True

False

Question 32 (2.5 points)

Many SOX provisions require companies to verify the accuracy of their financial information. Because IT systems hold many types of financial information, companies and auditors quickly realized that these systems were in scope for SOX compliance. That meant that how those systems are used and the controls used to safeguard those systems had to be reviewed.

Question 32 options:

True

False

Question 33 (2.5 points)

One of the main functions of the PCAOB is to set standards for how auditors review public companies. It has created standards related to auditing, ethics, independence, and quality control.

Question 33 options:

True

False

Question 34 (2.5 points)

In situations when a covered entity may use or disclose PHI to the extent that it’s required by law, the covered entity may only do so in response to a subpoena issued by a grand jury.

Question 34 options:

True

False

Question 35 (2.5 points)

The following is an example of an incidental disclosure: a customer at a pharmacy hears the pharmacist quietly discussing a medication with another customer.

Question 35 options:

True

False

Question 36 (2.5 points)

In 1987, Congress passed the Computer Security Act (CSA). This was the first law to address federal computer security. Under the CSA, every federal agency had to inventory its IT systems. Agencies also had to create security plans for those systems and review their plans every year.

Question 36 options:

True

False

Question 37 (2.5 points)

FISMA merges a number of different laws. All of these laws address different information security issues. Because no one law was comprehensive, Congress heard many reports that information security efforts at the federal level were not effective. Congress intended FISMA to be a strong law to fix this problem.

Question 37 options:

True

False

Question 38 (2.5 points)

In 1992, COSO issued guidance on internal controls. The COSO framework says that internal controls are effective when they give the management of a company reasonable assurance that: (1) it understands how the entity’s operational objectives are being achieved, (2) its published financial statements are being prepared reliably, and (3) it’s complying with applicable laws and regulations.

Question 38 options:

True

False

Question 39 (2.5 points)

NIST created a FISMA Implementation Project to help it meet its FISMA duties. The project helped it create FISMA-related standards and guidelines in a timely manner. The project had two phases. In the first phase, NIST developed standards and guidelines to help agencies meet basic FISMA requirements. The documents developed in this phase helped agencies create their information security programs.

Question 39 options:

True

False

Question 40 (2.5 points)

An access control model is an information security control; there is one main type of access control model, which is mandatory access control (MAC). In this model, data owners don’t have the ability to decide who can access certain files or data. This model is based on a security label system. Users of the system have a security label. Data and files in the system also have a security label. A user can access only data with the same (or lower) security label.

Question 40 options:

True

False

 

 

Submitted on: 18 Sep, 2017 03:39:52