Welcome to the CISSP Cyber Training Podcast, where we provide you the training and tools you need to pass the CISSP exam the first time. Hi, my name is Sean Gerber and I'm your host for this action-packed, informative podcast. Join me each week as I provide the information you need to pass the CISSP exam and grow your cybersecurity knowledge.
All right, let's get started. Hey all, Sean Gerber with CISSP Cyber Training, and I hope you guys are all having a wonderful day today. Today is CISSP Question Thursday. So today we're going to be talking about the various aspects as it relates to Domain 1.
And we're going to be going over navigating contractual law, cybersecurity legislation and computer crime acts. Those are some of the questions that you may see on the CISSP and we're going to go over those as we talked about it in our podcast on Monday. But before we do, one thing I wanted to bring up was I saw this article this week around.
These cyber criminals are actually stealing medical records from plastic surgery offices. Now, if you're listening to this podcast, you may or may not know what much deals with plastic surgery, but it's folks that actually may get procedures done on their bodies to help enhance or to make changes. I'll give you an example: my children, one of them.
They both had cleft lip and cleft palate and so therefore they had nose revisions, mouth revisions, those kinds of things, and that is a plastic surgeon. Well, the plastic surgeons are actually getting targeted by these folks that are specifically trying to get medical records from them.
I think that mainly, the one of the aspects that they're trying to do is, in the case of much of the enhancements that are occurring, such as in the United States, there's many people that get breast augmentation, those types of aspects they're trying to then extort these plastic surgeons to then they're going to release these very explicit pictures of individuals
and saying, hey, we're going to release that unless you pay up and use some sort of ransom with that, and so that's just one aspect.
Right, it could be breast augmentation, it could be liposuction, it could be all of those aspects, and that's probably you don't want to take stuff from your lips, but bottom line is they are trying to take and a lot of times these folks will actually have pictures of people and they will then, in turn, try to use that to get leverage to them, have them
pay ransom. So that was really interesting in that that's happening in California, South Dakota, it's Brazil and in the UK it's been occurring.
So you, as a security person, you're going to be dealing with this a lot and you may, even, if you have a business, reach out to some of these folks to ask them if they've dealt with it and if that you could provide them some services.
So there, it's really interesting how these cyber criminals are targeting various entities, trying to gain a foothold within the medical records aspect piece of this, but in the same time, just trying to make money off of poor people that are having to deal with this. So it's not good, but anyway, something that I thought popped up.
I would have never even thought that a cyber criminal would go after a plastic surgeon, because it just didn't make sense to me. But people are, so they need your services now more than ever. All right, so we're going to get into the CISSP cyber questions of this week, and it's over Domain 1. You can see this video on CISSP Cyber Training.
You can go get there and get the video. You'll be able to see it on YouTube eventually, or you just listen to this podcast. Obviously, you will be able to hear it immediately. So let's roll into question one: which US law makes identity theft a federal crime? A) CAN-SPAM Act, B) HIPAA, C) Identity Theft and Assumption Deterrence Act or D) DMCA.
So when it comes down to which US law makes identity theft a federal crime, it is Identity Theft and Assumption Deterrence Act, it's ITADA. That is what makes it a federal crime.
Which European law focuses on data protection and privacy? A) Data Protection Act C or C, B) GDPR, C) the UK Misuse Act of 1990, or D) EFTA. Okay, and which European law focuses on data protection and privacy? And that is GDPR. General Data Privacy Regulation is what it is called. Question three: what does the Economic Espionage Act of 1996 primarily address?
A) copyright infringement, B) identity theft, C) theft of trade secrets or D) email spamming, and that is C, theft of trade secrets. Theft of trade secrets or the misappropriation of valuable business information. That does include trade secrets underlines the importance of safeguarding your proprietary information.
Question four: which law prohibits unauthorized interception of communications? A) the CAN-SPAM Act, B) the Wiretap Act, C) the RICO Act or just RICO, and then D) the CFAA. And the answer is B, the Wiretap Act. Wiretap Act prohibits unauthorized interception of wire, oral or electronic communications. Question five: which law targets unauthorized access to computer systems?
A) the UK Computer Misuse Act, B) the DMCA, C) COPPA or D) ECPA. Again, which law targets unauthorized access to computer systems? And the answer is A, the UK Misuse Act of 1990. It criminalizes unauthorized access of computer systems within the UK and it sets legal boundaries for system access, especially for international operations.
Question six: which type of law deals with non-criminal disputes? A) administrative law, administrative law, B) criminal law, C) civil law or D) contractual law. Okay, so what type of law deals with non-criminal disputes? And the answer is C, civil law. This focuses on resolving non-criminal disputes between two parties and it's crucial for understanding.
These issues, such as a breach of contract or data privacy violations, would be in the context of your CISSP and it is part of the civil law aspects. Question seven: what does CAN-SPAM Act regulate? A) identity theft, B) commercial emails, C) electronic funds transfers or D) data protection in healthcare. The CAN-SPAM Act, what does it regulate?
It regulates commercial emails. B, the CAN-SPAM Act sets rules for commercial emails and protects consumers against unwanted solicitations. You see this all the time in your emails and that's part of the CAN-SPAM Act.
It's basically an integral part of all organization email policies and I highly recommend that you get aware of it, especially as you become a CISSP and you're doing cybersecurity for a company. Question eight: which law governs data protection in healthcare? A) HIPAA, B) COPPA, C) PCI DSS or D) CFAA? And the answer is HIPAA, A.
The Health Insurance Portability Accountability Act, that's a lot of words, governs the protection of sensitive patient health information, particularly those that are crucial to the healthcare industry. Question nine: what type of law governs public administration and regulatory agencies? A) civil law, B) administrative law, C) criminal law or D) contractual law?
And the answer is B, administrative law. Administrative law is concerned with public administration and regulatory agencies. It is the key for ensuring policies and procedures are compliant with the governmental regulations. Question 10: what does DMCA protect? A) trademarks, B) digital content, C) financial data or D) health data. So DMCA, what does it protect?
And it would be B, digital content. Right, it's the Digital Millennium Copyright Act, DMCA, and it came out to protect digital content such as software, music videos, et cetera, not et cetera, et cetera, all right, and so it's important for any type of media or software that you may have. The DMCA covers that.
Question 11: which law protects children's online privacy? A) COPPA, B) CISA, B) GLBA or D) EFTA? D EFTA, that is an acronym, supa, and the answer is A, COPPA.
This is the Children's Online Privacy Protection Act, and it does protect online privacy of kids under the age of 13, and it is crucial for websites and online services that are specifically aimed towards children. So my YouTube channel, they ask me all the time, do you promote to kids?
And so, therefore, you have to look and understand, would you fall under COPPA? Question 12: what does the RICO Act provide penalties for? Okay, RICO. Okay, what does it plan act provide penalties for? A) data breach, B) email spam, C) organized crime activity or D) copyright infringement.
So, depending upon who your political ads are, right now, our political person is, I think Donald Trump at the time of this recording is being looked under RICO. Oh, they're not. That's true or not, who knows?
But RICO has come up and I did not know what that really was at first, because I'd heard about it but didn't really know, and then, after I kind of understood the acronym, I'm like, oh yeah, I know that, but the RICO Act is for organized crime activity and it's what it's called is. It's a racketeering, influenced and corruption organizations.
That's what RICO Act stands for, and it provides extended penalties for criminal acts performed in an ongoing organization, basically around organized crime. So that's what they're trying to go after for the former president of the United States. So question 13: which act focuses on electronic funds transfer? A) CISA, B) EFTA, C) SOX or D) FISMA?
Again, which act focuses on electronic funds transfers? And that is A, CISA. CISA is the Cyber Information Sharing Act and it aims to improve cybersecurity by facilitating the sharing of cybersecurity threat information between the government and the private sector. All right, you also CISA comes in the Cyber Security Infrastructure Security Agency as well.
So now, if you don't get confused with CISA, you have multiple reasons to get confused. Question 14: which act focuses on electronic funds transfers? A) the CAN-SPAM Act, B) EFTA, C) SOX or D) FISMA? And the answer is B, EFTA, which stands for the Electronic Funds Transfer Act.
EFTA focuses on protecting consumers engaging in electronic funds transfers and it does set liability limits on those specific transfers, not on the transfers, but basically on if there's an investigation that's done. Question 15: which law focuses on integrity of financial reporting by corporations? A) FISMA, B) SOX, C) PCI DSS or D) GDPR?
And the answer is B, SOX. Sarbanes-Oxley aims to protect the fraudulent financial reporting by corporations and it's good. It is crucial for your security professionals in the financial sector. You need to understand that. All right, that is all I've got for you today. Hey, go out to CISSP Cyber Training. I'm looking to make some changes.
We're actually gonna be doing some coaching and mentoring for people. I think you're gonna like it a lot. I have a lot of response from people that are working on their CISSP but they go, what do I do for my career? How do I plan for that?
Just expect to see some changes around this, because I know there's a definite need for it and with my background of over 20 some years of doing cybersecurity, working from all different positions all the way up to a CISO, I understand what you need. I win. I came from nothing. I was flying B1 bombers to where I'm at today.
I can help you and I'm looking to provide some level of coaching out there and mentoring for you to help you get the career you want, and that includes resume prep. That includes helping you with interview questions so that you can reach and attain the goals you want financially for you and your family.
All right, again, go out to CISSPcybertraining.com and check it out. I guarantee you will love what I've got out there to help you with your CISSP and on with your future as well. Have a great day. We'll catch you on the flip side, see ya.