Q&A Hero

Q: A web page is transmitted securely when the protocol part of the URL is A) http B) secure C) https D) crypt

Q: The most important advantage of public key encryption over private key is A) it doesn't matter if the "bad guys" find out the key used to encrypt messages. B) the use of prime numbers in the encryption process. C) that it can be easily performed by modern computer equipment. D) that the encryption algorithm itself is kept carefully secret by government and the computer industry.

Q: The US approach of passing separate laws to govern privacy in certain industries or activities is called a(n) _________ approach. A) random B) individualized C) sectoral D) divided

Q: US Companies which operate in the EU A) cannot retain any customer data, since there is not way to do so under both sets of laws. B) must apply EU rules to all customer data no matter where the customer lives. C) must handle EU customer data under rules negotiated between the US and EU. D) are not required to follow EU privacy law, because a country's laws don't apply outside it.

Q: When the Send button is clicked to send an email: A) the sender retains full control over the message B) two copies of the message are produced C) the message is immediately deleted from the sender's computer D) the message is backed up on a server

Q: Which of the following may result from malware? A) contents erased on the hard drive B) spam sent from your computer C) secure information obtained from your computer D) all of the above

Q: A combination of encryption and decryption methods is a: A) secure transaction B) cookie C) cryptosystem D) digital encryption

Q: The crime of posing as someone else for fraudulent purposes is known as: A) identity theft B) privacy theft C) cookie grabbing D) unauthorized encryption

Q: A cookie contains information stored in: A) one byte B) eight bytes C) seven fields D) a database

Q: Which OCED principle states that personal data should be protected by reasonable security measures against risks of disclosure, unauthorized access, misuse, modification, destruction, or loss? A) Security Principle B) Use Limitation Principle C) Limited Collection Principle D) Openness Principle

Q: The OCED privacy principles were developed in: A) 1949 B) 1960 C) 1980 D) 2001

Q: Which activity creates an unnecessary risk of being hacked? A) sending information to a Web site that doesn't use encryption B) clicking on a bank's URL instead of typing it in C) using email to respond to requests for personal information D) all of the above

Q: The most important consideration in a disaster recovery plan is to: A) have a backup of your data B) always print your files C) never trust the computer to store your files D) all of the above

Q: Personal backups are not critical for: A) software programs B) information that has been backed up but not changed C) unimportant files D) all of the above

Q: Backups on your personal computer: A) aren't needed B) should be done daily C) should follow the same pattern of backups that business systems use D) are just as essential to a personal system as a business system

Q: Cookies: A) are stored on a client and sent back to a server B) are stored on a server for use by a client C) are placed on a server by a client D) cannot be removed from a client's computer

Q: The RSA public key cryptosystem relies on: A) prime numbers B) trapdoors C) key escrow D) all of the above

Q: Spyware: A) is illegal B) is software that snoops private information C) cannot be installed without the computer user's permission D) all of the above

Q: If you disable the cookies on your computer: A) you won't be able to perform most online transactions B) normal Web interaction will be more difficult C) all cookies, including third-party cookies, will be blocked D) all of the above

Q: Personal information can be tracked by all of the following except: A) cookies B) cell phone use C) IP addresses D) chip ID numbers

Q: The person in charge of privacy policies and communication with individuals regarding their privacy is a: A) data controller B) CIO C) database developer D) CEO

Q: The accuracy of personal information is the responsibility of the: A) data controller B) individual C) data collector D) business or government

Q: American privacy standards are closest to the policy called: A) No uses B) Approval C) Objection D) No limits

Q: European privacy standards are closest to the policy called: A) No uses B) Approval C) Objection D) No limits

Q: Cell phones can be used to track a user's location, even if the GPS is turned off.

Q: Personal computers can only be backed up to another hard disk.

Q: Americans' legal access to a free credit check to learn their "credit score" and check for errors applies the Fair Information Practices Guideline points of Purpose and of Security.

Q: The purpose of encryption is to allow private transmission and storage of sensitive information.

Q: In the United States, the protection of an individual's privacy is the responsibility of the government.

Q: Modern browsers let you control the cookie policy for your computer.

Q: "Opt-in" means the business can use it unless the person explicitly prohibits the new use.

Q: Non-EU countries that want information on EU citizens must show that they have privacy laws consistent with the OECD principles.

Q: Hyperlinks have two parts: the part you read and the part the computer reads"the actual place you will go to when you click the link.

Q: The difference between a worm and a virus is that the worm program "rides along" with other software, while the virus can actually send itself to other devices on the Internet.

Q: Laws in Hong Kong controlling the use of transaction information are stricter than those in the United States.

Q: Emptying the trash is no guarantee that the data has been erased.

Q: Partial backups should be made more often than full backups.

Q: Identity theft is the crime of posing as someone else for fraudulent purposes.

Q: The Do-Not-Call List was so successful that it has now been applied to email.

Q: Messages encrypted using a public key RSA129 cryptosystem code have not yet been cracked.

Q: In contrast to the "omnibus" solution of adopting the OECD list, the United States uses an approach called "sectoral," meaning that it passes laws to deal with specific industries (business sectors) or practices.

Q: Cookies can be used to track your online travels using ad placement on various Web sites.

Q: A third-party cookie is initiated by a direct request by the user.

Q: A company can place a cookie on your computer even if you've never visited its Web site.

Q: The United States provides limited enforcement of OECD privacy principles.

Q: Viruses are often distributed through email attachments.

Q: The United States has not adopted the OECD principles.

Q: American privacy laws are much stricter than European laws.

Q: The vast majority of business transactions are anonymous.

Q: Information is generated when buying goods and services at a store.

Q: Offensensitivity, a term credited to Berke Breathed in Bloom County, relates to people being ________ by certain things. As a guideline, using the Internet with an open mind and maturity can avoid considerable nastiness.

Q: Unsolicited commercial email (UCE) is popularly known as ________.

Q: The point of a(n) ________ is to limit computer or software system access to only those who know a not-likely-to-be-guessed sequence of keyboard characters.

Q: Creations of the human mind that have value to others are referred to as ________.

Q: When you are unable to answer your email for a few days, it is polite to set up a(n) ________ reply saying you are away, and perhaps indicating when you expect to read your email again.

Q: ________are nasty email exchanges in which a few people fight, but cc a group of others.

Q: ________ is short for password harvesting fishing, a tactic in which hackers use deception to fool you into giving them your personal information.

Q: The limited use of copyrighted material for educational or scholarly uses is called ________.

Q: A(n) ________ is an email screening software that checks pre-delivery for content typical of unsolicited commercial email.

Q: Software that is available on the Web and paid for on the honor system is called ________.

Q: When a creator posts his or her work on the Internet with a(n) ________ license, people are allowed to copy and distribute it.

Q: A(n) ________ is another term for a system's administrator.

Q: ________ refers to solving a problem or achieving a goal by combining the contributions of a large, unconstrained volunteer population.

Q: The content of an email message should be described in the ________.

Q: ________, originally developed for email use, but is now interpreted more broadly as civilized behavior in any of the social settings on the Internet.

Q: ________ information has been recoded to hide its meaning.

Q: ________ are small, character-based graphics used to display emotion in an electronic message.

Q: Information that you did not create, but can treat as your own, is said to be: A) shareware B) in the public domain C) fair use D) copyrighted

Q: Companies that make products available as open source software: A) are promoting wide distribution of the software B) are non-profit organizations C) keep the source code private (providing only binary) D) are vendors like Microsoft and Adobe

Q: Generally speaking, a software license gives you: A) ownership of the software B) use of the software C) permission to resell the software D) all of the above

Q: You receive an email from your bank informing you that they are performing an audit and have found possible problems with your account. They ask you to log in to resolve the issue. This is an example of: A) a legitimate email B) an advance-fee fraud C) phishing D) spam

Q: The origin of the word "spam" as used to describe junk mail is believed to be: A) a shortening of the phrase "spurious messages" B) the nickname of a small town in Russia C) unknown D) a Monty Python skit

Q: When choosing a password, a good choice for helping you remember it is to: A) use a date of importance such as your birthday B) choose a topic of interest and then modify a phrase from that topic to obscure it C) choose a random series of numbers and letters D) use your name or a name of a family member

Q: A good minimum length for a password is how many character? A) 3 B) 6 C) 8 D) 12

Q: Most login protocols: A) shut off access after just one failed login attempt B) allow several but not unlimited login attempts C) respond to failed login attempts instantly D) allow unlimited login attempts

Q: Which of the following is not an example of crowdsourcing? A) Be a Martian Project B) Free Rice C) Google D) Foldit

Q: Before sending or posting very emotional content by email or online: A) sleep on it B) send it right away so that you don't change your mind C) make a list of the people that might be interested and send it to all of them D) consider that email is private and your thoughts will always be secure

Q: Which of the following will help protect you from phishing? A) Open attachments only when you know who sent them and why. B) Pay attention to the domain name of the company. C) Only give information online when you have initiated the transaction by going to the company site. D) All of the above

Q: The 419 scam has many, many variations, but they all require: A) secrecy B) your money C) urgency D) all of the above

Q: An example of a good password is a: A) user's nickname B) user's boy or girl friend's name C) a word transformed with numbers and symbols for some letters D) a standard single dictionary word