Business/Professional Ethics Directors/Executives/Acct
8th Edition
ISBN: 9781337485913
Author: BROOKS
Publisher: Cengage
expand_more
expand_more
format_list_bulleted
Question
error_outline
This textbook solution is under construction.
Students have asked these similar questions
A group of IT experts disclosed the “internet cookies” vulnerability of your organisation in a recent online security test. Describe to your management the security concerns that “internet cookies” portend?
Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why?
(e)A company’s programming staff wrote custom code for the shopping cart feature on its website. The code contained a vulnerability that could be exploited when the customer typed in the ship-to address.
Innovative Marketing, Inc. (IMI), sold “scareware”—computer security software. IMI’s Internet ads redirected consumers to sites where they were told that a scan of their computers had detected dangerous files—viruses, spyware, and “illegal” pornography. In fact, no scans were conducted. Kristy Ross, an IMI co-founder and vice president, reviewed and edited the ads, and was aware of the many com- plaints that consumers had made about them. An individual can be held liable under the Federal Trade Commission Act’s prohibition of deceptive acts or practices if the person (1) participated directly in the deceptive practices or had the authority to control them and (2) had or should have had knowledge of them.
Were IMI’s ads deceptive? If so, can Ross be held liable? Explain..
Knowledge Booster
Similar questions
- Which of the following is not a way to prevent your computer from being attacked by ransomware? A. making sure your antivirus security programs are up to date B. opening all attachments from emails from unknown senders C. using secure (password protected) networks and backing up your files regularly D. not using open Wi-Fi (nonpassword, nonencrypted) in public locationsarrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (d) An employee received an email purporting to be from her boss informing her of an important new attendance policy. When she clicked on a link embedded in the email to view the new policy, she infected her laptop.arrow_forwardDo you think that Sony’s response to the attack was appropriate? Why or why not? What might Sony and the U.S. government done differently to discourage future such attacks on other U.S. organizations? Are there measures that organizations and the U.S. government can take together to prevent both real-world terrorist violence and cyberattacks? According to a recent report by Gartner, most business users will have access to some sort of self-service BI tool within the next few years; however, Gartner estimates that less than 10 percent of companies will have sufficient data governance practices in place to prevent data inconsistencies across the organization. Why do you think so many companies continue to invest in new analytics tools without implementing governance programs that ensure data consistency?arrow_forward
- Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (c) A criminal remotely accessed a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters.arrow_forwardThe internal auditor of a small company has recommended to the CEO that it invest in a disaster recovery plan (DRP) because of several identified vulnerabilities. Traditional in-house DRP approaches are, however, not a viable option because the company lacks the necessary IT resources to implement and manage these tasks. The auditor has suggested that outsourcing disaster recovery to a cloud-based service provider may be a reasonable alternative. The CEO has no experience with cloud computing and has asked the internal auditor to provide him with more information. Required: Prepare a report outlining cloud computing. Your report should address the following: Describe how the services provided under cloud computing relate to disaster recovery planning. Outline the risks associated with this technologyarrow_forwardThe internal auditor of a small company has recommended to the CEO that it invest in a disaster recovery plan (DRP) because of several identified vulnerabilities. Traditional in-house DRP approaches are, however, not a viable option because the company lacks the necessary IT resources to implement and manage these tasks. The auditor has suggested that outsourcing disaster recovery to a cloud-based service provider may be a reasonable alternative. The CEO has no experience with cloud computing and has asked the internal auditor to provide him with more information. Required: Prepare a report outlining cloud computing. Your report should address the following: List the key features of cloud computingarrow_forward
- Viljoen plc has suffered the following events:(1) An accidental failure of IT security resulting in publication of confidential client data(2) A deliberate breach of IT security resulting in client data being passed to a competitor(3) A new government regulation resulting in increased IT security costsWhich of these events are examples of cyber risks materialising?A. (1) and (2) onlyB. (1) and (3) onlyC. (2) and (3) only OD. (1), (2) and (3)arrow_forwardWhich of the following statements is NOT correct? a. EAMs capture transactions during processing without removing the application from service. b. EAMs support continuous monitoring of controls. c. EAMs have the potential to corrupt corporate databases d. EAMs decrease operational performance. e. All of the above are correct statements.arrow_forwardSTUDY QUESTIONS Why is human behavior considered one of the biggest potential threats to operating system integrity? What are the issues that need to be considered before implementing keystroke monitoring? Describe the three ways on how an audit trail can be used to support security objectives. Explain how poorly designed audit trail logs can actually be dysfunctional. Why would a systems programmer create a back door if he or she has access to the program in his or her day-to-day tasks? PROBLEMS Problem 1: Charles Hart, an accounts payable clerk, is an hourly employee. He never works a minute past 5 P.M. unless the overtime has been approved. Charles has recently found himself faced with some severe financial difficulties. He has been accessing the system from his home during the evening and setting up an embezzlement scheme. As his boss, what control technique(s) can be used to help detect this type of fraud? Problem 2: In 2002, Mr. Rollerball started Mighty Mouse,…arrow_forward
- Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (i)To facilitate working from home, an employee installed a modem on his office workstation. An attacker successfully penetrated the company’s system by dialing into that modem.arrow_forwardSelect the correct answer(s) for the following multiple choice questions. Note that there may be more than one correct answer. Which of the following statements is (are) true about computer fraud perpetrators? a. They are typically younger and are motivated by curiosity, the challenge of beating the system, and gaining stature in the hacking community. b. They do not see themselves as criminals and rarely, if ever, seek to turn their actions into money. c. They write and sell malicious software that infect computers with viruses or can be used to steal money or data that can be sold. d. They are a top FBI priority because they organize fraud schemes targeted at specific individuals and businesses.arrow_forwardSelect the correct answer(s) for the following multiple-choice questions. Note that there may be more than one correct answer. The number of incidents and the total dollar losses from computer fraud are increasing rapidly for several reasons: a. Many instances of computer fraud go undetected and many frauds are not reported. b. Many companies are moving to cloud services where there are few data security controls. c. Internet sites offer step-by-step instructions on how to perpetrate computer fraud and abuse. d. Law enforcement is not interested in preventing or prosecuting computer fraud. e. There are no laws against computer fraud so prosecution is difficultarrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Business/Professional Ethics Directors/Executives...AccountingISBN:9781337485913Author:BROOKSPublisher:CengageAccounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,Pkg Acc Infor Systems MS VISIO CDFinanceISBN:9781133935940Author:Ulric J. GelinasPublisher:CENGAGE L
- Principles of Accounting Volume 1AccountingISBN:9781947172685Author:OpenStaxPublisher:OpenStax College
Business/Professional Ethics Directors/Executives...
Accounting
ISBN:9781337485913
Author:BROOKS
Publisher:Cengage
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,
Pkg Acc Infor Systems MS VISIO CD
Finance
ISBN:9781133935940
Author:Ulric J. Gelinas
Publisher:CENGAGE L
Principles of Accounting Volume 1
Accounting
ISBN:9781947172685
Author:OpenStax
Publisher:OpenStax College