ITSY 1300 - Chapter 1 Questions with 100%
Correct Answers 2025 | 2026
What is unauthorized access, and how can it lead to data
breaches? - ANSWER The ability to getting on a system without
permission (by getting User ID or password). It can lead to
access of sensitive data.
Sarbanes-Oxley Act (SOX) - ANSWER 2002 US law that requires
public traded companies to submit accurate and reliable
financial reporting. It requires security controls to protect the
confidentiality and integrity of the reporting itself.
Health Insurance Portability and Accountability Act (HIPAA) -
ANSWER 1996 US law that requires health care organizations to
have security and privacy controls implemented to ensure
patient privacy.
Federal Information Security Modernization Act (FISMA) -
ANSWER Requires federal civilian agencies to provide security
controls over resources that support federal operations.
, Gramm-Leach Bliley Act (GLBA) - ANSWER 1999 US law that
requires all types of financial institutions to protect customer's
private financial information.
Payment Card Industry Data Security Standard (PCI DSS) -
ANSWER Global standard that requires protection of credit card
customer privacy data with proper security controls.
Family Educational Rights and Privacy Act (FERPA) - ANSWER
Protects the private data of students and their school records.
Children's Internet Protection Act (CIPA) - ANSWER 2000 US law
that requires public schools and public libraries to use an
internet safety policy.
Explain what security control is and list 3 examples. - ANSWER
Security control is what an organization does to reduce risk.
1. Security awareness training
2. Layered security solution for IT infrastructure.
3. Periodic security assessments.
Correct Answers 2025 | 2026
What is unauthorized access, and how can it lead to data
breaches? - ANSWER The ability to getting on a system without
permission (by getting User ID or password). It can lead to
access of sensitive data.
Sarbanes-Oxley Act (SOX) - ANSWER 2002 US law that requires
public traded companies to submit accurate and reliable
financial reporting. It requires security controls to protect the
confidentiality and integrity of the reporting itself.
Health Insurance Portability and Accountability Act (HIPAA) -
ANSWER 1996 US law that requires health care organizations to
have security and privacy controls implemented to ensure
patient privacy.
Federal Information Security Modernization Act (FISMA) -
ANSWER Requires federal civilian agencies to provide security
controls over resources that support federal operations.
, Gramm-Leach Bliley Act (GLBA) - ANSWER 1999 US law that
requires all types of financial institutions to protect customer's
private financial information.
Payment Card Industry Data Security Standard (PCI DSS) -
ANSWER Global standard that requires protection of credit card
customer privacy data with proper security controls.
Family Educational Rights and Privacy Act (FERPA) - ANSWER
Protects the private data of students and their school records.
Children's Internet Protection Act (CIPA) - ANSWER 2000 US law
that requires public schools and public libraries to use an
internet safety policy.
Explain what security control is and list 3 examples. - ANSWER
Security control is what an organization does to reduce risk.
1. Security awareness training
2. Layered security solution for IT infrastructure.
3. Periodic security assessments.
