Key Concepts from Chapter 1: An Overview of Ethics

1. What is Ethics?
• Ethics refers to a set of beliefs about what is right and wrong behavior.
• Ethics are guided by virtues (habits that incline people to act in an acceptable
manner) and vices (habits of unacceptable behavior), which together form a
personal value system.
• Morality can vary depending on factors like age, culture, religion, and life
experiences, which makes ethical decision-making context-dependent.

2. Importance of Integrity
• Integrity is essential to ethical behavior. It means acting according to a consistent
set of principles, treating others with respect, and applying the same standards to all
situations.
• Ethical dilemmas often involve conflicts that aren’t just about right versus wrong
but may be about conflicting principles or interests.

3. Business Ethics
• Business ethics are increasingly important as organizations face complex global
environments and pressure to maintain profitability.
• Fostering good business ethics benefits companies by building goodwill, ensuring
consistent operations, improving business practices, protecting the company from
legal risks, and avoiding unfavorable publicity.

4. Creating an Ethical Organization

• Companies need to create an environment where ethics are central to decision-
making and operations.
• This involves having a corporate ethics officer, establishing a corporate code of
ethics, and conducting social audits to review and communicate the company’s
ethical and social responsibility goals.
• Ethical decision-making processes must be clear, and employees need training and
support in making ethical choices.
5. Approaches to Ethical Decision Making
• Virtue Ethics: Focuses on character and virtues, guiding individuals to make the
right decisions in daily life based on what is considered virtuous within a community.
• Utilitarian Approach: Emphasizes choosing actions that have the best overall
consequences, often using a cost-benefit analysis to achieve the greatest good.
• Fairness Approach: Prioritizes treating all individuals fairly, ensuring that benefits
and burdens are shared equally.
• Common Good Approach: Advocates for working together towards shared values
and goals, promoting systems that benefit everyone.

Multiple Choice Questions

1. What is the primary purpose of a corporate ethics officer?
a. To oversee financial management within a company
b. To ensure the company’s policies and practices align with ethical standards
c. To increase the company’s profit margins through cost-cutting measures
d. To manage employee productivity and efficiency
Answer: b. To ensure the company’s policies and practices align with ethical
standards
2. Which of the following is a key reason why fostering good business ethics is
important?
a. To increase short-term profitability
b. To avoid legal repercussions and unfavorable publicity
c. To ensure the board of directors is well compensated
d. To replace governmental regulation with company-specific rules
Answer: b. To avoid legal repercussions and unfavorable publicity
3. Which ethical decision-making approach focuses on creating a system that
benefits all people?
a. Virtue Ethics
b. Utilitarian Approach
c. Fairness Approach
d. Common Good Approach
Answer: d. Common Good Approach
4. In business ethics, the term ‘integrity’ refers to:
a. Maximizing profits through honest advertising
b. Acting according to a consistent set of personal principles, regardless of the
situation
c. Ensuring that a company’s policies do not violate any laws
d. Complying with all organizational regulations without question
Answer: b. Acting according to a consistent set of personal principles, regardless of
the situation

Fill-in-the-Blank Questions
1. Virtue ethics is an approach to ethical decision-making that emphasizes ___ over
rigid principles.
• Answer: character and virtues
2. Integrity requires applying the same moral standards in all situations, rather than
changing them based on ___ or ___.
• Answer: people, circumstances
3. Social audits are conducted to review how well an organization is meeting its ___
and ___ responsibility goals.
• Answer: ethical, social
4. An effective code of ethics helps employees recognize and deal with ___ issues
and provides mechanisms for reporting ___ conduct.
• Answer: ethical, unethical

Key Concepts from Chapter 2: Ethics for IT Workers and IT Users

1. Characteristics of IT Professionals
• A professional is someone with specialized knowledge, acquired through advanced
training, who exercises judgment and discretion in their work. This work cannot be
standardized, and professionals are expected to contribute to society and engage in
lifelong learning.

2. Relationships IT Workers Must Manage

• IT workers have several key relationships with:
 • Employers: They must follow policies regarding the ethical use of IT, such as
software piracy and whistle-blowing.
• Clients: IT workers must act in the best interest of the client, avoiding conflicts of
interest and providing accurate project updates.
• Suppliers: Ethical relationships require fair dealings without unreasonable
demands or bribery.
• Other Professionals: IT workers should adhere to professional codes of conduct,
avoid resume inflation, and refrain from sharing sensitive corporate information.
• IT Users: Workers are responsible for providing systems that meet user needs,
discouraging software piracy, and safeguarding private and confidential data.
• Society: IT professionals must consider the broader impact of their work on
society, ensuring they do not cause harm.

3. Codes of Ethics
• Professional codes of ethics outline the principles and core values that guide IT
workers in their responsibilities.
• These codes provide guidelines for decision-making, promote high standards, and
help professionals gain trust and respect from the public.

4. Certification and Licensing

• Certifications are a way for IT professionals to demonstrate their skills and
knowledge. Vendor certifications are often specific to certain products or
technologies, while industry association certifications require broader knowledge
and experience.
• Licensing for IT professionals is a debated topic. While it would formalize
professional standards and accountability, there are challenges related to
establishing universally accepted core knowledge and creating a licensing body.

5. Compliance
• Compliance refers to adhering to established policies, guidelines, and laws. This is
critical in IT, where failure to comply can result in penalties, legal action, and loss of
trust.
• Organizations often hire compliance officers and create internal audit committees
to ensure compliance with various regulations and ethical standards.
Multiple Choice Questions
1. Which of the following is a characteristic of an IT professional?
a. Their work is always standardized
b. They exercise discretion and judgment in their work
c. They require minimal training and education
d. They do not need to follow a code of ethics
Answer: b. They exercise discretion and judgment in their work
2. What is one ethical issue that IT workers must manage in their relationship with
employers?
a. Avoiding fraudulent transactions
b. Following software piracy policies
c. Delivering services for free to reduce costs
d. Maintaining a friendship with all coworkers
Answer: b. Following software piracy policies
3. Which of the following is a key ethical issue in the relationship between IT
workers and clients?
a. Providing free software upgrades
b. Ensuring client data is publicly accessible
c. Avoiding conflicts of interest
d. Making decisions without client input
Answer: c. Avoiding conflicts of interest
4. What is a major concern related to professional certification for IT workers?
a. It always increases salaries significantly
b. It is legally required for all IT roles
c. It may lag behind the latest technologies
d. It is only valuable for industry associations
Answer: c. It may lag behind the latest technologies
Fill-in-the-Blank Questions
1. IT workers are expected to manage relationships with employers, clients,
suppliers, and ___.
• Answer: IT users
2. Professional codes of ethics guide IT workers in making ___ decisions and
promote high standards of conduct.
• Answer: ethical
3. Compliance is the process of ensuring that an organization adheres to established
policies, ___ and legal requirements.
• Answer: guidelines
4. One challenge in licensing IT workers is the lack of a universally accepted ___ of
knowledge for the profession.
• Answer: core body

Key Concepts from Chapter 3: Computer and Internet Crime

1. IT Security Incidents
• IT security is crucial for safeguarding confidential business data and protecting
against malicious activities. The number of IT-related security incidents continues to
rise globally.

2. Why Computer Incidents Are So Prevalent

• The increasing complexity of IT environments, combined with the widespread use
of commercial software with known vulnerabilities, has made systems more
vulnerable. Zero-day attacks (exploiting vulnerabilities before they are known or
fixed) are common, and users often delay installing security patches, further
increasing risks.

3. Types of Computer Exploits

• Viruses: Malicious code that causes harm and often spreads through infected files.
• Worms: Self-replicating programs that spread without human intervention.
• Trojan Horses: Malicious code hidden inside seemingly harmless programs.
• Distributed Denial-of-Service (DDoS) Attacks: Flooding a target system with
automated requests, making it unavailable to legitimate users.
• Rootkits: Programs that allow attackers to gain unauthorized control of a system,
often without detection.
• Spam: Unsolicited emails, often used for advertising or malicious purposes.
• Phishing: Fraudulent emails attempting to trick recipients into revealing personal
information, with variations like spear-phishing (targeted emails), smishing (via text),
and vishing (via voice).

4. Types of Perpetrators
• Hackers and Crackers: Hackers test system limits, while crackers engage in clearly
criminal activities.
• Malicious Insiders: Employees or contractors who abuse their access to systems,
often causing significant harm.
• Industrial Spies: Engage in illegal activities to steal trade secrets from competitors.
• Cybercriminals: Hack into systems for fraud, theft, or other criminal activities.
• Hacktivists and Cyberterrorists: Use hacking to promote political or social goals or
to cause harm to governments and society.

5. Managing Security Vulnerabilities

• A multilayered approach is required to manage security risks, including risk
assessments, security policies, and the implementation of firewalls, intrusion
prevention systems, and antivirus software. Organizations must also educate
employees and users about security risks and establish clear incident response plans.

6. Computer Forensics
• Computer forensics involves collecting and preserving digital evidence in a way
that ensures it can be used in court. This process requires specialized training and
adherence to legal standards for evidence collection.
Multiple Choice Questions
1. Which of the following is a common type of computer exploit?
a. Firewall
b. Rootkit
c. VPN
d. Data encryption
Answer: b. Rootkit
2. What is a Distributed Denial-of-Service (DDoS) attack?
a. An attack that installs malware on a target system
b. An attack that floods a system with requests, making it unavailable to legitimate
users
c. A method of encrypting data before it is transmitted
d. A phishing attempt conducted via text messages
Answer: b. An attack that floods a system with requests, making it unavailable to
legitimate users
3. Which of the following is a reason why computer incidents are so prevalent?
a. Widespread use of zero-day patches
b. Simple and standardized IT environments
c. Increasing complexity of IT systems and reliance on commercial software
d. Constant updates of all security software by users
Answer: c. Increasing complexity of IT systems and reliance on commercial software
4. Who are malicious insiders?
a. External hackers attempting to break into systems
b. Employees or contractors who abuse their authorized access to cause harm
c. Industrial spies using legal means to gather intelligence
d. Users who download malicious software unknowingly
Answer: b. Employees or contractors who abuse their authorized access to cause
harm
Fill-in-the-Blank Questions
1. Phishing is a fraudulent attempt to obtain sensitive information by disguising as a
legitimate entity through ___.
• Answer: email
2. Rootkits are programs that allow an attacker to gain control of a system without
the user’s ___ or ___.
• Answer: consent, knowledge
3. Computer forensics involves collecting and preserving data so that it can be used
as ___ in court.
• Answer: evidence
4. Zero-day attacks exploit vulnerabilities before they are ___ or ___.
• Answer: discovered, patched

Key Concepts from Chapter 4: Privacy

1. Definition of Privacy
• Privacy is the right to be left alone, encompassing communications privacy (the
ability to communicate without being monitored) and data privacy (the ability to
control access to personal information).

2. Identity Theft
• Identity theft involves the theft of personal information (e.g., Social Security
numbers, credit card information) to impersonate someone. It is one of the fastest-
growing forms of fraud.
• Common techniques used by identity thieves include:
• Phishing: Trick individuals into providing personal data through fake websites or
emails.
• Spyware: Keystroke logging software that records sensitive information like
usernames and passwords.
• Data breaches: Hackers or poor security procedures can lead to the exposure of
personal information.

3. Consumer Profiling
• Companies collect and analyze personal information (e.g., through cookies and
tracking software) to better understand consumer behavior and deliver targeted
advertising.
• Ethical concerns include transparency and control over personal data. Consumers
may not always be aware that their information is being collected or how it is being
used.

4. Treating Consumer Data Responsibly

• Companies must adopt strong measures to handle consumer data responsibly,
including following best practices like Fair Information Practices to protect privacy
and establish trust with consumers.
• Appointing a Chief Privacy Officer (CPO) to oversee privacy policies is becoming
more common in organizations.

5. Workplace Monitoring
• Employers monitor employee activities to ensure productivity and protect against
potential abuses, such as the inappropriate use of company resources.
• Ethical concerns include balancing productivity monitoring with respect for
employee privacy. In private companies, employees often have fewer privacy
protections compared to public-sector employees.

6. Advanced Surveillance Technologies

• Technologies like camera surveillance and GPS tracking can monitor individuals in
real time, raising privacy concerns about how much data is collected and how it is
used.
• Critics worry about potential abuse and the lack of transparency in data collection
and surveillance practices.
Multiple Choice Questions
1. What is identity theft?
a. Using personal data to impersonate someone and commit fraud
b. Collecting anonymous browsing data for advertising purposes
c. Tracking consumer habits to improve customer experience
d. Monitoring employee internet usage to prevent data breaches
Answer: a. Using personal data to impersonate someone and commit fraud
2. Which of the following is a common technique used by identity thieves?
a. Encrypting sensitive data
b. Creating fake websites to trick users into providing personal information
c. Installing firewalls on user computers
d. Sending users legitimate advertisements through email
Answer: b. Creating fake websites to trick users into providing personal information
3. What is one of the main concerns with consumer profiling?
a. It helps companies provide better customer service
b. Consumers may not be aware their personal data is being collected
c. It reduces the cost of advertising
d. It improves website functionality for all users
Answer: b. Consumers may not be aware their personal data is being collected
4. Why do employers monitor employees in the workplace?
a. To collect personal data for marketing purposes
b. To maintain employee productivity and prevent inappropriate use of company
resources
c. To improve the employee benefits package
d. To track how many hours employees spend on lunch breaks
Answer: b. To maintain employee productivity and prevent inappropriate use of
company resources
Fill-in-the-Blank Questions
1. Identity theft occurs when someone steals personal information, such as a Social
Security number or credit card details, to ___ an individual and commit fraud.
• Answer: impersonate
2. Spyware is malicious software that logs a user’s ___ to capture sensitive data like
passwords and usernames.
• Answer: keystrokes
3. Consumer profiling often involves tracking user behavior through ___ placed on
websites that collect browsing data.
• Answer: cookies
4. Workplace monitoring is a common practice where employers track employee
activities to ensure ___ and prevent the misuse of company resources.
• Answer: productivity