WGU C841 IHP4 Task 1 |Passed on First Attempt
|Latest Update with Complete Solution
Western Governors University
C841 – Legal Issues in Information Security
IHP4 Task 1: Legal Analysis
Status: Passed on First Attempt | Latest Update with Complete Solution
A. Legal Framework Analysis
A1. CFAA and ECPA Violations
Computer Fraud and Abuse Act (CFAA):
The Business Intelligence Unit within TechFite’s Applications Division was discovered
to have accessed sensitive computer documents belonging to the Legal, Human
Resources, and Finance departments without proper authorization, exceeding their
permitted access. Since these computers are connected to the internet and thus engaged in
interstate commerce, this behavior constitutes a clear violation of the Computer Fraud
and Abuse Act (CFAA). The unauthorized access raises both ethical and legal concerns
regarding the misuse of company IT resources.
Electronic Communications Privacy Act (ECPA):
Two user accounts belonging to former employees remained active and were being
exploited by unauthorized individuals to conduct electronic communications. Accessing
stored emails and private communications of these former employees without
authorization violates the Electronic Communications Privacy Act (ECPA), which
protects private digital communications from unauthorized interception, access, or
disclosure.
A2. Key Legal Statutes Implicated
1. CFAA:
The Chief Information Security Officer (CISO) failed to enforce proper
auditing by the IT Security Analyst responsible for overseeing the Applications
Division. This oversight allowed the division to escalate privileges and access
|Latest Update with Complete Solution
Western Governors University
C841 – Legal Issues in Information Security
IHP4 Task 1: Legal Analysis
Status: Passed on First Attempt | Latest Update with Complete Solution
A. Legal Framework Analysis
A1. CFAA and ECPA Violations
Computer Fraud and Abuse Act (CFAA):
The Business Intelligence Unit within TechFite’s Applications Division was discovered
to have accessed sensitive computer documents belonging to the Legal, Human
Resources, and Finance departments without proper authorization, exceeding their
permitted access. Since these computers are connected to the internet and thus engaged in
interstate commerce, this behavior constitutes a clear violation of the Computer Fraud
and Abuse Act (CFAA). The unauthorized access raises both ethical and legal concerns
regarding the misuse of company IT resources.
Electronic Communications Privacy Act (ECPA):
Two user accounts belonging to former employees remained active and were being
exploited by unauthorized individuals to conduct electronic communications. Accessing
stored emails and private communications of these former employees without
authorization violates the Electronic Communications Privacy Act (ECPA), which
protects private digital communications from unauthorized interception, access, or
disclosure.
A2. Key Legal Statutes Implicated
1. CFAA:
The Chief Information Security Officer (CISO) failed to enforce proper
auditing by the IT Security Analyst responsible for overseeing the Applications
Division. This oversight allowed the division to escalate privileges and access
