[Cisspstudy] preambles questions
Vardhan, Aditya {PI}
aditya.vardhan at intl.pepsico.com
Tue Sep 1 10:00:03 EDT 2009
Pl share the correct answers,
I think these are,
1- a
2 -b
-----Original Message-----
From: cisspstudy-bounces at cccure.org
[mailto:cisspstudy-bounces at cccure.org] On Behalf Of An.Dang at do.treas.gov
Sent: Tuesday, September 01, 2009 5:49 PM
To: cisspstudy at cccure.org
Subject: Re: [Cisspstudy] preambles questions
I have a few questions that are in the "gray area" of things. I have
the answers (maybe) but want to know what the group thinks.
Using ISC(2) preambles as guides, answers these questions:
1) A visiting professor is assigned to work in a university computing
center. He found a hole in a financial transaction program that would
enable one to collect students' social security numbers, last names, and
other personally identifiable information. He quietly collected the
information into a computer file and gave the file to the system
administrator on his last day.
a) The professor was unethical. He should have disclosed the hole right
away.
b) There is nothing unethical with what he did. He did not give the
information to anyone else.
c) Though he did nothing unethical, the professor should have disclosed
the information because ISC(2) preambles stated responsibility to the
public first.
d) None of the above. ISC(2) ethics were observed.
2) An analyst for an anti-virus software company is assigned to test a
new product. He developed an automated program to generate multiple
instances of a computer virus with varying signatures. He wants to use
it to test the new anti-virus software the company is going to publish.
a) He should not use it. It is illegal to create virus.
b) There is nothing wrong with using it since it is contained in a test
lab and would never get out to the Internet.
c) It is unethical to develop something that would potentially harm the
public.
d) It is part of his job. It is completely ethical.
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
More information about the cisspstudy
mailing list