ISC2 Exam ISSEP Topic 1 Question 9 Discussion

The Computer Fraud and Abuse Act as amended, provides civil penalties for the creator of viruses,

worms, and other types of malicious code

that causes harm to the computer systems.

The Computer Fraud and Abuse Act is a law passed by the United States Congress in 1984 intended

to reduce cracking of computer systems

and to address federal computer-related offenses. The Computer Fraud and Abuse Act (codified as

18 U.S.C. 1030) governs cases with a

compelling federal interest, where computers of the federal government or certain financial

institutions are involved, where the crime itself is

interstate in nature, or computers used in interstate and foreign commerce. It was amended in

1986, 1994, 1996, in 2001 by the USA PATRIOT

Act, and in 2008 by the Identity Theft Enforcement and Restitution Act. Section (b) of the act

punishes anyone who not just commits or

attempts to commit an offense under the Computer Fraud and Abuse Act but also those who

conspire to do so.

Answer option B is incorrect. The Computer Security Act was passed by the United States Congress.

It was passed to improve the security

and privacy of sensitive information in Federal computer systems and to establish a minimum

acceptable security practices for such systems. It

requires the creation of computer security plans, and the appropriate training of system users or

owners where the systems house sensitive

information.

Answer option C is incorrect. The Gramm-Leach-Bliley Act (GLBA) is also known as the Financial

Services Modernization Act of 1999. It is an act

of the 106th United States Congress (1999-2001) signed into law by President Bill Clinton which

repealed part of the Glass-Steagall Act of

1933, opening up the market among banking companies, securities companies and insurance

companies.

The Gramm-Leach-Bliley Act allowed commercial banks, investment banks, securities firms, and

insurance companies to consolidate. This law

also provides regulations regarding the way financial institutions handle private information

belongings to their clients.

Answer option D is incorrect. The Digital Millennium Copyright Act (DMCA) is a United States

copyright law that implements two 1996 treaties of

the World Intellectual Property Organization (WIPO). It criminalizes production and dissemination of

technology, devices, or services intended

to circumvent measures (commonly known as digital rights management or DRM) that control

access to copyrighted works.

It also criminalizes the act of circumventing an access control, whether or not there is actual

infringement of copyright itself. In addition, the

DMCA heightens the penalties for copyright infringement on the Internet.