WGU C961 – TERMS, Full Coverage,
graded A+
Ethics - ✔✔-A code of behavior that is defined by the group to which an individual belongs.
Morals - ✔✔-The personal principles upon which an individual bases his or her decisions about what is
right and what is wrong.
Virtue - ✔✔-A habit that inclines people to do what is acceptable
Vice - ✔✔-A habit of unacceptable behavior
Software Piracy - ✔✔-A form of copyright infringement that involves making copies of software or
enabling others to access software to which they are not entitled
Corporate social responsibility (CSR) - ✔✔-The concept that an organization should act ethically by
taking responsibility for the impact of its actions on its shareholders, consumers, employees,
community, environment, and suppliers
Supply chain sustainability - ✔✔-A component of CSR that focuses on developing and maintaining a
supply chain that meets the needs of the present without compromising the ability of future
generations to meet their needs.
Bathsheba syndrome - ✔✔-The moral corruption of people in power, which is often facilitated by a
tendency for people to look the other way when their leaders act inappropriately.
Law - ✔✔-A system of rules that tells us what we can and cannot do
Code of Ethics - ✔✔-A statement that highlights an organization's key ethical issues and identifies the
overarching values and principles that are important to the organization and its decision-making.
Corporate compliance officer - ✔✔-The corporate ethics officer. A senior-level manager who provides
an organization with vision and leadership in the area of business conduct.
Social Audit - ✔✔-A process whereby an organization reviews how well it is meeting its ethical and social
responsibility goals and communicates its new goals for the upcoming year.
Stakeholder - ✔✔-Someone who stands to gain or lose, depending on how a particular situation is
resolved.
Ethical Decision-Making Process - ✔✔-1. Develop Problem Statement
2. Identify Alternatives
3. Choose Alternative
4. Implement the Decision
5. Evaluate the Results
Right of privacy - ✔✔-"The right to be left alone—the most comprehensive of rights, and the right most
valued by a free people."
Information privacy - ✔✔-The combination of communications privacy (the ability to communicate with
others without those communications being monitored by other persons or organizations) and data
privacy (the ability to limit access to one's personal data by other individuals and organizations in order
to exercise a substantial degree of control over that data and their use).
Fair Credit Reporting Act - ✔✔-Regulates the operations of credit reporting bureaus, including how they
collect, store, and use credit information.
Right to Financial Privacy Act - ✔✔-Protects the records of financial institution customers from
unauthorized scrutiny by the federal government.
The Gramm-Leach-Bliley Act (GLBA) (Public Law 106-102) - ✔✔-Also known as the Financial Services
Modernization Act of 1999, was a bank deregulation law that repealed a Depression-era law known as
Glass-Steagall. Contains the Financial Privacy Rule (consumer right to opt out/in), Safeguards Rule and
Pretexting Rule.
Fair and Accurate Credit Transactions Act - ✔✔-An amendment to the Fair Credit Reporting Act. It allows
consumers to request and obtain a free credit report once each year from each of the three primary
consumer credit reporting companies (Equifax, Experian, and TransUnion)
Health Insurance Portability and Accountability Act (HIPAA) - ✔✔-Designed to improve the portability
and continuity of health insurance coverage; to reduce fraud, waste, and abuse in health insurance and
healthcare delivery; and to simplify the administration of health insurance.
Family Educational Rights and Privacy Act (FERPA) - ✔✔-A federal law that assigns certain rights to
parents regarding their children's educational records.
Children's Online Privacy Protection Act (COPPA) - ✔✔-Requires that any website that caters to children
offer comprehensive privacy policies, notify parents or guardians about its data collection
practices, and receive parental consent before collecting any personal information from children under
13 years of age.
Title III of the Omnibus Crime Control and Safe Streets Act - ✔✔-Also known as the Wiretap Act,
regulates the interception of wire (telephone) and oral communications
Foreign Intelligence Surveillance Act (FISA) - ✔✔-Describes procedures for the electronic surveillance
and collection of foreign intelligence information in communications between foreign powers and the
agents of foreign powers.
Executive Order 12333 - ✔✔-Identifies various U.S. governmental intelligence-gathering agencies and
defines what information can be collected, retained, and disseminated by these agencies.
Electronic Communications Privacy Act (ECPA) - ✔✔-Deals with three main issues: the protection of
communications while in transfer from sender to receiver; the protection of communications held in
electronic storage; and the prohibition of devices from recording dialing, routing, addressing, and
signaling information without a search warrant.
Communications Assistance for Law Enforcement Act (CALEA) - ✔✔-Required the telecommunications
industry to build tools into its products that federal investigators could use—after obtaining a court
order—to eavesdrop on conversations and intercept electronic communications.
USA PATRIOT Act (Uniting and Strengthening America by Providing Appropriate Tools Required to
Intercept and Obstruct Terrorism) - ✔✔-Gave sweeping new powers to both domestic law enforcement
and U.S. international intelligence agencies, including increasing the ability of law enforcement agencies
to search telephone, email, medical, financial, and other records. It also eased restrictions on foreign
intelligence gathering in the United States.
USA Freedom Act - ✔✔-Terminated the bulk collection of telephone metadata by the NSA. Instead,
telecommunications providers are now required to hold the data and respond to NSA queries on the
data.
Cookies - ✔✔-Text files that can be downloaded to the hard drives of users who visit a website, so that
the website is able to identify visitors on subsequent visits
Data breach - ✔✔-The unintended release of sensitive data or the access of sensitive data by
unauthorized individuals
Identity theft - ✔✔-The theft of personal information, which is then used without the owner's
permission.
Electronic discovery (e-discovery) - ✔✔-The collection, preparation, review, and production of
electronically stored information for use in criminal and civil actions and proceedings.
Electronically stored information (ESI) - ✔✔-Includes any form of digital information, including emails,
drawings, graphs, web pages, photographs, word-processing files, sound recordings, and databases
stored on any form of magnetic storage device, including hard drives, CDs, and flash drives.
Litigation hold notice - ✔✔-Informs the recipient to save relevant data and to suspend data that might
be due to be destroyed based on normal data-retention rules.
Predictive coding - ✔✔-A process that couples human guidance with computer-driven concept searching
in order to "train" document review software to recognize relevant documents within a document
universe.
Cyberloafing - ✔✔-Defined as using the internet for purposes unrelated to work, such as posting to
Facebook, sending personal emails or instant messages, or shopping online.
Vehicle event data recorder (EDR) - ✔✔-A device that records vehicle and occupant data for a few
seconds before, during, and after any vehicle crash that is severe enough to deploy the vehicle's airbags.
Zero-day exploit - ✔✔-A cyberattack that takes place before the security community or software
developers become aware of and fix a security vulnerability.
Exploit - ✔✔-An attack on an information system that takes advantage of a particular system
vulnerability.
Ransomware - ✔✔-Malware that stops you from using your computer or accessing your data until you
meet certain demands, such as paying a ransom or sending photos to the attacker.
Virus - ✔✔-A piece of programming code, usually disguised as something else, that causes a computer
to behave in an unexpected and usually undesirable manner.
Worm - ✔✔-A harmful program that resides in the active memory of the computer and duplicates itself.
Worms differ from viruses in that they can propagate without human intervention, often sending copies
of themselves to other computers by email.
Trojan horse - ✔✔-A seemingly harmless program in which malicious code is hidden.
Logic bomb - ✔✔-A type of trojan which executes when it is triggered by a specific event
Blended threat - ✔✔-A sophisticated threat that combines the features of a virus, worm, Trojan horse,
and other malicious code into a single payload.
Spam - ✔✔-The use of email systems to send unsolicited emails to large numbers of people
Distributed denial-of-service (DDoS) attack - ✔✔-An attack in which a malicious hacker takes over
computers via the internet and causes them to flood a target site with demands for data and other small
tasks
Botnet - ✔✔-Used to describe a large group of such computers, which are controlled from one or more
remote locations by hackers, without the knowledge or consent of the owners of the infected
computers
Zombies - ✔✔-A compromised computer within the botnet
Rootkit - ✔✔-A set of programs that enables its user to gain administrator-level access to a computer
without the end user's consent or knowledge
Advanced persistent threat (APT) - ✔✔-A network attack in which an intruder gains access to a network
and stays there undetected with the intention of stealing data over a long period of time
Phishing - ✔✔-The act of fraudulently using email to try to get the recipient to reveal personal data
Spear-phishing - ✔✔-A variation of phishing in which the phisher sends fraudulent emails to a certain
organization's employees
Smishing - ✔✔-Another variation of phishing that involves the use of texting
Vishing - ✔✔-Similar to smishing except that the victims receive a voicemail message telling them to call
a phone number or access a website
Cyberespionage - ✔✔-Involves the deployment of malware that secretly steals data in the computer
systems of organizations, such as government agencies, military contractors, political organizations, and
manufacturing firms.
Cyberterrorism - ✔✔-The intimidation of government or civilian population by using information
technology to disable critical national infrastructure to achieve political, religious, or ideological goals. It
is an increasing concern for countries and organizations around the globe
U.S. Computer Emergency Readiness Team (US-CERT) - ✔✔-Established to protect the nation's internet
infrastructure against cyberattacks and serves as a clearinghouse for information on new viruses, worms
and other computer security topics.
Social Networking Platform - ✔✔-Creates an online community of internet users that enables members
to break down barriers created by time, distance, and cultural differences.
Social media marketing - ✔✔-Involves the use of social networks to communicate and promote the
benefits of products and services.
Organic Media Marketing - ✔✔-Employs tools provided by or tailored for a particular social media
platform to build a social community and interact with it by sharing posts and responding to customer
comments on the organization's blog and social media accounts.
Cost per thousand impressions (CPM) ads - ✔✔-Billed at a flat rate per 1,000 impressions, which is a
measure of the number of times an ad is displayed—whether it was actually clicked on or not
Cost per click (CPC) ads - ✔✔-Paid for only when someone actually clicks on them
Cyberharassment - ✔✔-A form of cyberabuse in which the abusive behavior, which involves the use of
an electronic communications device, is degrading, humiliating, hurtful, insulting, intimidating,
malicious, or otherwise offensive to an individual or group of individuals, causing substantial emotional
distress
cyberabuse - ✔✔-Any form of mistreatment or lack of care, both physical and mental, using an
electronic communications device that causes harm and distress to others.
Earned Media - ✔✔-Media exposure an organization gets through press and social media mentions,
positive online ratings, reviews, tweets and retweets, reposts (or "shares"), recommendations, and so
on.
Paid Media Marketing - ✔✔-A form of marketing that involves paying a third party to broadcast an
organization's display ads or sponsored messages to social media users.
Social Shopping Platform - ✔✔-A combination of shopping and social networking
Viral Marketing - ✔✔-An approach to advertising that encourages individuals to pass along a marketing
message to others, thus creating the potential for exponential growth in the message's exposure and
influence.
CIA security triad - ✔✔-Confidentiality, integrity, and availability
Risk assessment - ✔✔-A process of assessing security-related risks to an organization's computers and
networks from both internal and external threats
antivirus software - ✔✔-Software that scans for a specific sequence of bytes, known as a virus signature,
that indicates the presence of a specific virus.
business continuity plan - ✔✔-A risk-based strategy that includes an occupant emergency evacuation
plan, a continuity of operations plan, and an incident management plan with an active governance
process to minimize the potential impact of any security incident and to ensure business continuity in
the event of a cyberattack or some form of disaster.
Computer forensics - ✔✔-A discipline that combines elements of law and computer science to identify,
collect, examine, and preserve data from computer systems, networks, and storage devices in a manner
that preserves the integrity of the data gathered so that it is admissible as evidence in a court of law.
disaster recovery plan - ✔✔-A documented process for recovering an organization's business
information system assets—including hardware, software, data, networks, and facilities—in the event of
a disaster.
encryption - ✔✔-The process of scrambling messages or data in such a way that only authorized parties
can read it.
encryption key - ✔✔-A value that is applied (using an algorithm) to a set of unencrypted text (plaintext)
to produce encrypted text that appears as a series of seemingly random characters (ciphertext), which is
unreadable by those without the encryption key needed to decipher it.
firewall - ✔✔-Hardware or software (or a combination of both) that serves as the first line of defense
between an organization's network and the internet; also limits access to the company's network based
on the organization's internet-usage policy.
intrusion detection system (IDS) - ✔✔-Software or hardware (or both) that monitors system and
network resources and activities and notifies network security personnel when it detects network traffic
that attempts to circumvent the security measures of a networked computer environment.
managed security service provider (MSSP) - ✔✔-A company that monitors, manages, and maintains
computer and network security for other organizations.
mission-critical process - ✔✔-Business processes that are more pivotal to continued operations and goal
attainment than others.
next-generation firewall (NGFW) - ✔✔-A hardware- or software-based network security system that is
able to detect and block sophisticated attacks by filtering network traffic dependent on the packet
contents.
reasonable assurance - ✔✔-A concept in computer security that recognizes that managers must use
their judgment to ensure that the cost of control does not exceed the system's benefits or the risks
involved.
risk assessment - ✔✔-The process of assessing security-related risks to an organization's computers and
networks from both internal and external threats.
security audit - ✔✔-An evaluation of whether or not an organization has a well-considered security
policy in place and whether or not it is being followed.
security policy - ✔✔-An organization's security requirements, as well as the controls and sanctions
needed to meet those requirements.
Transport Layer Security (TLS) - ✔✔-A communications protocol or system of rules that ensures privacy
between communicating applications and their users on the internet.
virus signature - ✔✔-A specific sequence of bytes that indicates to antivirus software that a specific virus
is present.
Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) - ✔✔-An agreement of the
World Trade Organization that requires member governments to ensure that intellectual property rights
can be enforced under their laws and that penalties for infringement are tough enough to deter further
violations.
copyright - ✔✔-The exclusive right to distribute, display, perform, or reproduce an original work in
copies or to prepare derivative works based on the work; granted to creators of original works of
authorship.
copyright infringement - ✔✔-A violation of the rights secured by the owner of a copyright; occurs when
someone copies a substantial and material part of another's copyrighted work without permission.
intellectual property - ✔✔-Works of the mind—such as art, books, films, formulas, inventions, music,
and processes—that are distinct and owned or created by a single person or group. Intellectual property
is protected through copyright, patent, trade secret, and trademark laws.
Prioritizing Resources and Organization for Intellectual Property (PRO-IP) Act of 2008 - ✔✔-An act that
created the position of Intellectual Property Enforcement Coordinator within the Executive Office of the
President. It also increased trademark and copyright enforcement and substantially increased penalties
for infringement.
open source code - ✔✔-Any program whose source code is made available for use or modification, as
users or other developers see fit.
plagiarism - ✔✔-The act of stealing someone's ideas or words and passing them off as one's own.
reverse engineering - ✔✔-The process of taking something apart in order to understand it, build a copy
of it, or improve it.
Defend Trade Secrets Act of 2016 - ✔✔-An act passed in 2016 that amended the Economic Espionage
Act to create a federal civil remedy for trade secret misappropriation.
design patent - ✔✔-A type of patent that permits its owner to exclude others from making, using, or
selling the design in question.
Economic Espionage Act (EEA) of 1996 - ✔✔-An act passed in 1996 to help law enforcement agencies
pursue economic espionage. It imposes penalties of up to $10 million and 15 years in prison for the theft
of trade secrets.
Leahy-Smith America Invents Act - ✔✔-An act that changed the U.S. patent system so that the first
person to file with the U.S. Patent and Trademark Office will receive the patent, not necessarily the
person who actually invented the item first.
noncompete agreement - ✔✔-Terms of an employment contract that prohibit an employee from
working for any competitors for a specified period of time, often one to two years.
nondisclosure clauses - ✔✔-Terms of an employment contract that prohibit an employee from revealing
secrets.
patent - ✔✔-A grant of a property right issued by the U.S. Patent and Trademark Office to an inventor;
permits its owner to exclude the public from making, using, or selling a protected invention, and allows
for legal action against violators.
patent infringement - ✔✔-A violation of the rights secured by the owner of a patent; occurs when
someone makes unauthorized use of another's patent.
prior art - ✔✔-The existing body of knowledge that is available to a person of ordinary skill in the art.
cybersquatter - ✔✔-A person or company that registers domain names for famous trademarks or
company names to which they have no connection, with the hope that the trademark's owner will buy
the domain name for a large sum of money.
industrial espionage - ✔✔-The use of illegal means to obtain business information not available to the
general public.
decision support system (DSS) - ✔✔-A type of business information system used to improve decision
making in a variety of industries.
high-quality software systems - ✔✔-Systems that are easy to learn and use because they perform
quickly and efficiently; they meet their users' needs; and they operate safely and reliably so that system
downtime is kept to a minimum.
ISO 9001 family of standards - ✔✔-A set of standards written to serve as a guide to quality products,
services, and management. It provides a set of standardized requirements for a quality management
system.
quality management - ✔✔-The defining, measuring, and refining of the quality of the development
process and the products developed during its various stages. The objective of quality management is to
help developers deliver high-quality systems that meet the needs of their users.
reliability - ✔✔-A measure of the rate of failure in a system that would render it unusable over its
expected lifetime.
risk - ✔✔-The potential of gaining or losing something of value. Risk can be quantified by three
elements: a risk event, the probability of the event happening, and the impact (positive or negative) on
the business outcome if the risk does actually occur.
risk management - ✔✔-The process of id