WGU D333 ETHICS IN TECHNOLOGY - WGU EXAM QUESTIONS
AND VERIFIED ANSWERS UPDATED 2024
acceptable use policy (AUP)
A document that stipulates restrictions and practices that a user must agree in order to
use organizational computing and network resources.
acceptance
When an organization decides to accept a risk because the cost of avoiding the risk
outweighs the potential loss of the risk. A decision to accept a risk can be extremely
difficult and controversial when dealing with safety-critical systems because making that
determination involves forming personal judgments about the value of human life,
assessing potential liability in case of an accident, evaluating the potential impact on the
surrounding natural environment, and estimating the system's costs and benefits.
advanced persistent threat (APT)
A network attack in which an intruder gains access to a network and stays there—
undetected—with the intention of stealing data over a long period of time (weeks or
even months).
agile development
A software development methodology in which a system is developed in iterations
lasting from one to four weeks. Unlike the waterfall system development model, agile
development accepts the fact that system requirements are evolving and cannot be fully
understood or defined at the start of the project.
Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS)
An agreement of the World Trade Organization that requires member governments to
ensure that intellectual property rights can be enforced under their laws and that
penalties for infringement are tough enough to deter further violations.
American Recovery and Reinvestment Act
A wide-ranging act that authorized $787 billion in spending and tax cuts over a 10-year
period and included strong privacy provisions for electronic health records, such as
,banning the sale of health information, promoting the use of audit trails and encryption,
and providing rights of access for patients.
annualized loss expectancy (ALE)
The estimated loss from a potential risk event over the course of a year. The following
equation is used to calculate the annual loss expectancy: ARO × SLE = ALE. Where
ARO is the annualized rate of occurrence, an estimate of the probability that this event
will occur over the course of a year and SLE is the single loss expectancy, the
estimated loss that would be incurred if the event happens.
annualized rate of occurrence (ARO)
An estimate of the probability that a risk event will occur over the course of a year.
anonymous expression
The expression of opinions by people who do not reveal their identity.
anonymous remailer service
A service that allows anonymity on the Internet by using a computer program that strips
the originating header and/or IP address from the message and then forwards the
message to its intended recipient.
anti-SLAPP laws
Laws designed to reduce frivolous SLAPPs (strategic lawsuit against public participation
(SLAPP), which is a lawsuit filed by corporations, government officials, and others
against citizens and community groups who oppose them on matters of concern).
antivirus software
Software that scans for a specific sequence of bytes, known as a virus signature, that
indicates the presence of a specific virus.
artificial intelligence systems
The people, procedures, hardware, software, data, and knowledge needed to develop
computer systems and machines that can simulate human intelligence processes,
including learning (the acquisition of information and rules for using the information),
reasoning (using rules to reach conclusions), and self-correction (using the outcome
from one scenario to improve its performance on future scenarios).
audit committee
,A group that provides assistance to the board of directors in fulfilling its responsibilities
with respect to the oversight of the quality and integrity of the organization's accounting
and reporting practices and controls, including financial statements and reports; the
organization's compliance with legal and regulatory requirements; the qualifications,
independence, and performance of the company's independent auditor; and the
performance of the company's internal audit team.
avoidance
The elimination of a vulnerability that gives rise to a particular risk in order to avoid the
risk altogether. This is the most effective solution but often not possible due to
organizational requirements and factors beyond an organization's control.
Bathsheba syndrome
The moral corruption of people in power, which is often facilitated by a tendency for
people to look the other way when their leaders act inappropriately.
best practice
A method or technique that has consistently shown results superior to those achieved
with other means and that is used as a benchmark within a particular industry.
Bill of Rights
The first 10 amendments to the United States Constitution that spell out additional rights
of individuals.
black-box testing
A type of dynamic testing that involves viewing the software unit as a device that has
expected input and output behaviors but whose internal workings are unknown (a black
box).
blended threat
A sophisticated threat that combines the features of a virus, worm, Trojan horse, and
other malicious code into a single payload.
body of knowledge
An agreed-upon sets of skills and abilities that all licensed professionals must possess.
botnet
A large group of computers, which are controlled from one or more remote locations by
hackers, without the knowledge or consent of their owners.
, breach of contract
The failure of one party to meet the terms of a contract.
breach of the duty of care
The failure to act as a reasonable person would act.
breach of warranty
When a product fails to meet the terms of its warranty.
bribery
The act of providing money, property, or favors to someone in business or government
in order to obtain a business advantage.
bring your own device (BYOD)
A business policy that permits, and in some cases, encourages employees to use their
own mobile devices (smartphones, tablets, or laptops) to access company computing
resources and applications, including email, corporate databases, the corporate
intranet, and the Internet.
BSA | The Software Alliance
A trade group that represent the world's largest software and hardware manufacturers.
business continuity plan
A risk-based strategy that includes an occupant emergency evacuation plan, a
continuity of operations plan, and an incident management plan with an active
governance process to minimize the potential impact of any security incident and to
ensure business continuity in the event of a cyberattack or some form of disaster.
business information system
A set of interrelated components—including hardware, software, databases, networks,
people, and procedures—that collects and processes data and disseminates the output.
Capability Maturity Model Integration (CMMI) models
Collection of best practices that help organizations improve their processes.
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and
Humans Apart)
Software that generates and grades tests that humans can pass and all but the most
sophisticated computer programs cannot.
certification
AND VERIFIED ANSWERS UPDATED 2024
acceptable use policy (AUP)
A document that stipulates restrictions and practices that a user must agree in order to
use organizational computing and network resources.
acceptance
When an organization decides to accept a risk because the cost of avoiding the risk
outweighs the potential loss of the risk. A decision to accept a risk can be extremely
difficult and controversial when dealing with safety-critical systems because making that
determination involves forming personal judgments about the value of human life,
assessing potential liability in case of an accident, evaluating the potential impact on the
surrounding natural environment, and estimating the system's costs and benefits.
advanced persistent threat (APT)
A network attack in which an intruder gains access to a network and stays there—
undetected—with the intention of stealing data over a long period of time (weeks or
even months).
agile development
A software development methodology in which a system is developed in iterations
lasting from one to four weeks. Unlike the waterfall system development model, agile
development accepts the fact that system requirements are evolving and cannot be fully
understood or defined at the start of the project.
Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS)
An agreement of the World Trade Organization that requires member governments to
ensure that intellectual property rights can be enforced under their laws and that
penalties for infringement are tough enough to deter further violations.
American Recovery and Reinvestment Act
A wide-ranging act that authorized $787 billion in spending and tax cuts over a 10-year
period and included strong privacy provisions for electronic health records, such as
,banning the sale of health information, promoting the use of audit trails and encryption,
and providing rights of access for patients.
annualized loss expectancy (ALE)
The estimated loss from a potential risk event over the course of a year. The following
equation is used to calculate the annual loss expectancy: ARO × SLE = ALE. Where
ARO is the annualized rate of occurrence, an estimate of the probability that this event
will occur over the course of a year and SLE is the single loss expectancy, the
estimated loss that would be incurred if the event happens.
annualized rate of occurrence (ARO)
An estimate of the probability that a risk event will occur over the course of a year.
anonymous expression
The expression of opinions by people who do not reveal their identity.
anonymous remailer service
A service that allows anonymity on the Internet by using a computer program that strips
the originating header and/or IP address from the message and then forwards the
message to its intended recipient.
anti-SLAPP laws
Laws designed to reduce frivolous SLAPPs (strategic lawsuit against public participation
(SLAPP), which is a lawsuit filed by corporations, government officials, and others
against citizens and community groups who oppose them on matters of concern).
antivirus software
Software that scans for a specific sequence of bytes, known as a virus signature, that
indicates the presence of a specific virus.
artificial intelligence systems
The people, procedures, hardware, software, data, and knowledge needed to develop
computer systems and machines that can simulate human intelligence processes,
including learning (the acquisition of information and rules for using the information),
reasoning (using rules to reach conclusions), and self-correction (using the outcome
from one scenario to improve its performance on future scenarios).
audit committee
,A group that provides assistance to the board of directors in fulfilling its responsibilities
with respect to the oversight of the quality and integrity of the organization's accounting
and reporting practices and controls, including financial statements and reports; the
organization's compliance with legal and regulatory requirements; the qualifications,
independence, and performance of the company's independent auditor; and the
performance of the company's internal audit team.
avoidance
The elimination of a vulnerability that gives rise to a particular risk in order to avoid the
risk altogether. This is the most effective solution but often not possible due to
organizational requirements and factors beyond an organization's control.
Bathsheba syndrome
The moral corruption of people in power, which is often facilitated by a tendency for
people to look the other way when their leaders act inappropriately.
best practice
A method or technique that has consistently shown results superior to those achieved
with other means and that is used as a benchmark within a particular industry.
Bill of Rights
The first 10 amendments to the United States Constitution that spell out additional rights
of individuals.
black-box testing
A type of dynamic testing that involves viewing the software unit as a device that has
expected input and output behaviors but whose internal workings are unknown (a black
box).
blended threat
A sophisticated threat that combines the features of a virus, worm, Trojan horse, and
other malicious code into a single payload.
body of knowledge
An agreed-upon sets of skills and abilities that all licensed professionals must possess.
botnet
A large group of computers, which are controlled from one or more remote locations by
hackers, without the knowledge or consent of their owners.
, breach of contract
The failure of one party to meet the terms of a contract.
breach of the duty of care
The failure to act as a reasonable person would act.
breach of warranty
When a product fails to meet the terms of its warranty.
bribery
The act of providing money, property, or favors to someone in business or government
in order to obtain a business advantage.
bring your own device (BYOD)
A business policy that permits, and in some cases, encourages employees to use their
own mobile devices (smartphones, tablets, or laptops) to access company computing
resources and applications, including email, corporate databases, the corporate
intranet, and the Internet.
BSA | The Software Alliance
A trade group that represent the world's largest software and hardware manufacturers.
business continuity plan
A risk-based strategy that includes an occupant emergency evacuation plan, a
continuity of operations plan, and an incident management plan with an active
governance process to minimize the potential impact of any security incident and to
ensure business continuity in the event of a cyberattack or some form of disaster.
business information system
A set of interrelated components—including hardware, software, databases, networks,
people, and procedures—that collects and processes data and disseminates the output.
Capability Maturity Model Integration (CMMI) models
Collection of best practices that help organizations improve their processes.
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and
Humans Apart)
Software that generates and grades tests that humans can pass and all but the most
sophisticated computer programs cannot.
certification
