WGU C717 Ethics in Technology
Exam 2025/2026 – Verified Questions
and Correct Answers | Grade A
Question 1
What is the primary purpose of the General Data Protection Regulation (GDPR) in the context of
IT ethics?
A. To regulate software development standards.
C. To protect personal data and ensure user privacy rights.
B. To enforce intellectual property laws.
D. To standardize cybersecurity protocols.
Rationale: GDPR, enacted by the EU, focuses on safeguarding personal data and ensuring
compliance with privacy rights, aligning with ethical principles of transparency and user
autonomy in data handling.
Question 2
A company collects user data without explicit consent. This violates which ethical principle?
A. Integrity.
C. Respect for autonomy.
B. Beneficence.
D. Justice.
Rationale: Respect for autonomy, a core ethical principle, requires informed consent for data
collection, ensuring individuals control their personal information, per professional ethics
standards like those in ACM’s Code of Ethics.
Question 3
Under HIPAA, what must healthcare organizations do with protected health information (PHI)?
A. Share it freely for research.
C. Implement safeguards to ensure confidentiality and security.
B. Store it indefinitely without encryption.
D. Disclose it to third parties without consent.
Rationale: HIPAA mandates technical, physical, and administrative safeguards for PHI to
ensure data privacy and compliance, reflecting ethical obligations to protect patient
confidentiality.
,Question 4
Which ethical framework emphasizes outcomes over actions in IT decision-making?
A. Deontology.
C. Consequentialism.
B. Virtue ethics.
D. Contractualism.
Rationale: Consequentialism evaluates actions based on their outcomes, guiding IT
professionals to prioritize beneficial results, such as user safety, in ethical technology
deployment.
Question 5
A software developer discovers a security flaw but is pressured to ignore it. What does the ACM
Code of Ethics suggest?
A. Follow management’s directive.
C. Report the flaw to protect public welfare.
B. Ignore the flaw if it’s minor.
D. Sell the information to a third party.
Rationale: The ACM Code prioritizes public safety and professional ethics, obligating
developers to disclose vulnerabilities that could harm users, ensuring accountability in IT
compliance.
Question 6
What is a key requirement of the California Consumer Privacy Act (CCPA)?
A. Mandatory data sharing with advertisers.
C. Right to opt out of data sales and access personal data.
B. Unlimited data retention periods.
D. No disclosure of data breaches.
Rationale: CCPA enhances consumer data privacy by granting rights to access, delete, and opt
out of data sales, aligning with ethical principles of transparency and user control in compliance
frameworks.
Question 7
An IT professional uses pirated software for a project. This violates which principle in the IEEE
Code of Ethics?
A. Honesty.
C. Compliance with intellectual property rights.
, B. Fairness.
D. Confidentiality.
Rationale: The IEEE Code emphasizes respecting intellectual property, making unauthorized
software use unethical as it undermines legal compliance and professional integrity.
Question 8
What is the ethical concern with deploying biased AI algorithms?
A. Increased processing speed.
C. Discrimination and unfair outcomes for certain groups.
B. Reduced development costs.
D. Improved data accuracy.
Rationale: Biased AI can perpetuate discrimination, violating ethical principles of fairness and
justice, as emphasized in frameworks like AI Ethics Guidelines by IEEE, requiring unbiased
design for equitable outcomes.
Question 9
What does the principle of beneficence require in IT ethics?
A. Ignoring user feedback.
C. Acting to promote user well-being and minimize harm.
B. Maximizing company profits.
D. Limiting system access.
Rationale: Beneficence, a core ethical principle, obligates IT professionals to prioritize user
safety and benefits, ensuring technologies enhance welfare, per professional codes like BCS.
Question 10
A company experiences a data breach. What is the ethical response under GDPR?
A. Conceal the breach to avoid panic.
C. Notify affected users and authorities within 72 hours.
B. Delay notification indefinitely.
D. Share details only with shareholders.
Rationale: GDPR mandates prompt breach notification (within 72 hours) to authorities and
users, reflecting ethical transparency and compliance with data privacy regulations.
Question 11
Which concept ensures users are informed about how their data is used?
A. Data encryption.
Exam 2025/2026 – Verified Questions
and Correct Answers | Grade A
Question 1
What is the primary purpose of the General Data Protection Regulation (GDPR) in the context of
IT ethics?
A. To regulate software development standards.
C. To protect personal data and ensure user privacy rights.
B. To enforce intellectual property laws.
D. To standardize cybersecurity protocols.
Rationale: GDPR, enacted by the EU, focuses on safeguarding personal data and ensuring
compliance with privacy rights, aligning with ethical principles of transparency and user
autonomy in data handling.
Question 2
A company collects user data without explicit consent. This violates which ethical principle?
A. Integrity.
C. Respect for autonomy.
B. Beneficence.
D. Justice.
Rationale: Respect for autonomy, a core ethical principle, requires informed consent for data
collection, ensuring individuals control their personal information, per professional ethics
standards like those in ACM’s Code of Ethics.
Question 3
Under HIPAA, what must healthcare organizations do with protected health information (PHI)?
A. Share it freely for research.
C. Implement safeguards to ensure confidentiality and security.
B. Store it indefinitely without encryption.
D. Disclose it to third parties without consent.
Rationale: HIPAA mandates technical, physical, and administrative safeguards for PHI to
ensure data privacy and compliance, reflecting ethical obligations to protect patient
confidentiality.
,Question 4
Which ethical framework emphasizes outcomes over actions in IT decision-making?
A. Deontology.
C. Consequentialism.
B. Virtue ethics.
D. Contractualism.
Rationale: Consequentialism evaluates actions based on their outcomes, guiding IT
professionals to prioritize beneficial results, such as user safety, in ethical technology
deployment.
Question 5
A software developer discovers a security flaw but is pressured to ignore it. What does the ACM
Code of Ethics suggest?
A. Follow management’s directive.
C. Report the flaw to protect public welfare.
B. Ignore the flaw if it’s minor.
D. Sell the information to a third party.
Rationale: The ACM Code prioritizes public safety and professional ethics, obligating
developers to disclose vulnerabilities that could harm users, ensuring accountability in IT
compliance.
Question 6
What is a key requirement of the California Consumer Privacy Act (CCPA)?
A. Mandatory data sharing with advertisers.
C. Right to opt out of data sales and access personal data.
B. Unlimited data retention periods.
D. No disclosure of data breaches.
Rationale: CCPA enhances consumer data privacy by granting rights to access, delete, and opt
out of data sales, aligning with ethical principles of transparency and user control in compliance
frameworks.
Question 7
An IT professional uses pirated software for a project. This violates which principle in the IEEE
Code of Ethics?
A. Honesty.
C. Compliance with intellectual property rights.
, B. Fairness.
D. Confidentiality.
Rationale: The IEEE Code emphasizes respecting intellectual property, making unauthorized
software use unethical as it undermines legal compliance and professional integrity.
Question 8
What is the ethical concern with deploying biased AI algorithms?
A. Increased processing speed.
C. Discrimination and unfair outcomes for certain groups.
B. Reduced development costs.
D. Improved data accuracy.
Rationale: Biased AI can perpetuate discrimination, violating ethical principles of fairness and
justice, as emphasized in frameworks like AI Ethics Guidelines by IEEE, requiring unbiased
design for equitable outcomes.
Question 9
What does the principle of beneficence require in IT ethics?
A. Ignoring user feedback.
C. Acting to promote user well-being and minimize harm.
B. Maximizing company profits.
D. Limiting system access.
Rationale: Beneficence, a core ethical principle, obligates IT professionals to prioritize user
safety and benefits, ensuring technologies enhance welfare, per professional codes like BCS.
Question 10
A company experiences a data breach. What is the ethical response under GDPR?
A. Conceal the breach to avoid panic.
C. Notify affected users and authorities within 72 hours.
B. Delay notification indefinitely.
D. Share details only with shareholders.
Rationale: GDPR mandates prompt breach notification (within 72 hours) to authorities and
users, reflecting ethical transparency and compliance with data privacy regulations.
Question 11
Which concept ensures users are informed about how their data is used?
A. Data encryption.
