WGU C841: Legal Issues in Information Security |PA| pre-Assessment
Question 1
Which U.S. law primarily governs unauthorized access to computer systems?
A. HIPAA
• B. Computer Fraud and Abuse Act (CFAA)
C. Sarbanes‑Oxley Act
D. Gramm‑Leach‑Bliley Act
Rationale: CFAA criminalizes unauthorized access to protected computers, making it
the cornerstone of cybersecurity law.
Question 2
Which regulation focuses on protecting patient health information?
A. GLBA
• B. HIPAA
C. FERPA
D. FISMA
Rationale: HIPAA establishes privacy and security standards for PHI in healthcare
organizations.
Question 3
The Electronic Communications Privacy Act (ECPA) regulates:
A. Financial reporting
• B. Interception of electronic communications
C. Intellectual property rights
D. Export controls
Rationale: ECPA prohibits unauthorized interception of emails, phone calls, and stored
communications.
Question 4
Which act requires financial institutions to explain their information‑sharing practices?
A. HIPAA
• B. Gramm‑Leach‑Bliley Act (GLBA)
C. Sarbanes‑Oxley Act
D. FERPA
Rationale: GLBA mandates privacy notices and safeguards for consumer financial data.
Question 5
Which law enforces accountability for corporate financial reporting and IT controls?
A. HIPAA
B. GLBA
• C. Sarbanes‑Oxley Act (SOX)
D. CFAA
Rationale: SOX requires internal controls and audit trails, impacting IT security
compliance.
Question 6
FERPA is designed to protect:
A. Healthcare records
B. Financial transactions
• C. Student educational records
D. Intellectual property
Rationale: FERPA ensures confidentiality of student records in educational institutions.
Question 7
Which framework is most relevant for federal agencies’ information security programs?
A. HIPAA
B. GLBA
• C. FISMA (Federal Information Security Management Act)
D. SOX
Rationale: FISMA requires federal agencies to implement comprehensive information
security programs.
Question 8
Which international regulation emphasizes data subject rights and cross‑border data
transfer restrictions?
A. HIPAA
B. SOX
• C. GDPR (General Data Protection Regulation)
D. CFAA
Rationale: GDPR enforces strict rules on personal data handling and international
transfers.
Question 9
Which law requires breach notification for health records?
A. SOX
• B. HITECH Act
C. GLBA
D. CFAA
Rationale: HITECH strengthens HIPAA by requiring breach notifications for PHI.
Question 10
Export controls on encryption are governed by:
A. HIPAA
B. SOX
• C. EAR/ITAR (Export Administration Regulations / International Traffic in Arms Regulations)
D. GLBA
Rationale: EAR/ITAR regulate export of cryptographic technologies.
Question 11
Which law protects intellectual property in software?
A. HIPAA
• B. Copyright Act
C. GLBA
D. SOX
Rationale: Copyright law protects original works, including software code.
Question 12
Which act criminalizes identity theft?
A. HIPAA
B. GLBA
• C. Identity Theft and Assumption Deterrence Act
D. SOX
Rationale: This act makes identity theft a federal crime.
Question 13
Which law governs electronic signatures in commerce?
A. HIPAA
B. GLBA
• C. ESIGN Act
D. SOX
Rationale: ESIGN Act validates electronic signatures for contracts.
Question 14
Which law protects children’s online privacy?
A. HIPAA
B. GLBA
• C. COPPA (Children’s Online Privacy Protection Act)
D. SOX
Rationale: COPPA regulates collection of data from children under 13.
Question 15
Which law requires federal agencies to safeguard classified information?
A. HIPAA
B. GLBA
• C. National Security Act
D. SOX
Rationale: Governs handling of classified national security information.
Question 16
Which law regulates unsolicited commercial email?
A. HIPAA