
COSC 1302 Chap 14 Quiz

True/False
Indicate whether the statement is true or false.
 

1. “Shoulder surfing” occurs when an identity thief simply stands next to someone at a public office, such as the Bureau of Motor Vehicles, and watches as the person fills out personal information on a form.
 

2. Originally, the term cracker was used to describe a person who enjoyed computer technology and spent time learning and using computer systems.
 

3. Worms can create copies on the same computer or can send the copies to other computers via a network.
 

4. Some antivirus software is capable of repairing common virus infections automatically, without interrupting your work.
 

5. Using a password sniffer, a criminal hacker can gain access to computers and networks to steal data and information, invade privacy, plant viruses, and disrupt computer operations.
 

6. Internet-based software piracy occurs when software is legally downloaded from the Internet.
 

7. Intrusion detection systems send an alarm, often by e-mail or pager, to network security personnel when they detect an apparent attack.
 

8. The Sarbanes-Oxley Act is a federal law passed in December 2000 that required federally funded libraries to use some form of prevention measure (such as Internet filters) to block access to obscene material and other material considered harmful to minors.
 

9. A firewall can include both hardware and software that act as a barrier between an organization’s information system and the outside world.
 

10. Federal law prohibits employers from monitoring e-mail sent and received by employees.
 

11. E-mail messages that have been erased from hard disks can be retrieved and used in lawsuits because the laws of discovery demand that companies produce all relevant business documents.
 

12. Instead of forcing users to find and read through the privacy policy for each site they visit, P3P software in a computer’s browser will download the privacy policy from each site, scan it, and notify the user if the policy does not match his or her preferences.
 

13. The Children’s Online Privacy Protection Act (COPPA) was passed by Congress in October 2002.
 

14. A federal law that was passed in 1999 allows unsolicited fax advertisements.
 

15. CTS involves wrist pain, a feeling of tingling and numbness, and difficulty grasping and holding objects.
 

Multiple Choice
Identify the choice that best completes the statement or answers the question.
 

16. The goal of the ____ act is to require healthcare organizations to implement cost-effective procedures for exchanging medical data.
    a. PA74
    b. Gramm-Leach-Bliley Financial Services Modernization
    c. Sarbanes-Oxley
    d. HIPAA
 

17. ____ involves the use of one’s social skills to get computer users to provide you with information to access an information system and/or its data.
    a. Dumpster diving
    b. Social engineering
    c. Software piracy
    d. Password sniffing
 

18. Going through the trash cans of an organization to find secret or confidential information, including information needed to access an information system and/or its data, is known as ____.
    a. dumpster diving
    b. social engineering
    c. software piracy
    d. phishing
 

19. ____ are employees, disgruntled or otherwise, working solo or in concert with outsiders to compromise corporate systems.
    a. Script bunnies
    b. System analysts
    c. Insiders
    d. Internal auditors
 

20. A ____ is a computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without the user’s knowledge or permission.
    a. virus
    b. firewall
    c. PKI
    d. biometric
 

21. ____ are parasitic computer programs that replicate but, unlike viruses, do not infect other computer program files.
    a. Firewalls
    b. Worms
    c. Intrusion detection systems
    d. Biometrics
 

22. A ____ is a malicious program that disguises itself as a useful application and purposefully does something the user does not expect.
    a. firewall
    b. intrusion detection system
    c. Trojan horse
    d. biometric
 

23. ____ is the process of converting an original electronic message into a form that can be understood only by the intended recipients.
    a. Decryption
    b. Software piracy
    c. Intrusion detection
    d. Encryption
 

24. ____ enables users of an unsecured public network such as the Internet to securely and privately exchange data through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
    a. Public key infrastructure
    b. Ergonomics
    c. Social engineering
    d. Biometrics
 

25. ____ involves the measurement of one of a person’s traits, whether physical or behavioral.
    a. Public key infrastructure
    b. Ergonomics
    c. Social engineering
    d. Biometrics
 

26. A(n) ____ monitors system and network resources and notifies network security personnel when it senses a possible intrusion.
    a. password sniffer
    b. intrusion detection system
    c. Trojan horse
    d. antivirus software
 

27. ____ is the science of designing machines, products, and systems to maximize the safety, comfort, and efficiency of the people who use them.
    a. Biometrics
    b. PKI
    c. Ergonomics
    d. Encryption
 

28. Many organizations implement ____ to measure actual results against established goals, such as percentage of end-user reports produced on time, percentage of data input errors detected, number of input transactions entered per eight-hour shift, and so on.
    a. ergonomics
    b. internal audits
    c. biometrics
    d. external audits
 

29. The ____ Act requires public companies to implement procedures to ensure that their audit committees can document underlying financial data to validate earnings reports.
    a. Sarbanes-Oxley
    b. PA74
    c. Gramm-Leach-Bliley
    d. HIPAA
 

30. ____ is charged with coordinating communication among experts during computer security emergencies and helping to prevent future incidents.
    a. DARPA
    b. The World Wide Consortium
    c. CERT
    d. The Software and Information Industry Alliance
 

31. ____ employees study Internet security vulnerabilities, handle computer security incidents, publish security alerts, research long-term changes in networked systems, develop information and training to help organizations improve security at their sites, and conduct an ongoing public awareness campaign.
    a. DARPA
    b. Hewlett Packard
    c. CERT
    d. Google
 

32. The specific goals of ____ are to protect children from potentially harmful material, while also safeguarding free speech on the Internet.
    a. CERT
    b. DARPA
    c. the Internet Content Rating Association
    d. the Software and Information Industry Alliance
 



 