Review Questions



                1.  Which criminal law was the first to implement penalties for the
                    creators of viruses, worms, and other types of malicious code that
                    cause harm to computer systems?

                    A.  Computer Security Act

                    B.  National Infrastructure Protection Act

                    C.  Computer Fraud and Abuse Act


                    D.  Electronic Communications Privacy Act
                2.  Which law governs information security operations at federal

                    agencies?

                    A.  FISMA

                    B.  FERPA

                    C.  CFAA

                    D.  ECPA

                3.  What type of law does not require an act of Congress to implement
                    at the federal level but rather is enacted by the executive branch in
                    the form of regulations, policies, and procedures?


                    A.  Criminal law

                    B.  Common law

                    C.  Civil law

                    D.  Administrative law

                4.  Which federal government agency has responsibility for ensuring
                    the security of government computer systems that are not used to
                    process sensitive and/or classified information?

                    A.  National Security Agency

                    B.  Federal Bureau of Investigation


                    C.  National Institute of Standards and Technology