An employee is asked by their supervisor to access sensitive information that they are not authorized to view. What ethical action should the employee take?

An unauthorized individual manages to access sensitive information that the organization has discarded. What kind of security threat is the organization facing?

An IT manager is asked by the CEO to secretly monitor all employees' emails and internet activities to identify potential leaks. What ethical action should the IT manager take?1.0 MarksReport the CEO's request to the board of directors anonymouslyMonitor the employees without notifying them for better securityBlackmail the CEO using the gathered informationRefuse the CEO's request directly and risk losing their jobComply with the CEO's request to maintain their job security

Question 1An employee trained to handle PII and SPII leaves confidential patient information unlocked in a public area. Which ethical principles does this violate? Select all that apply.1 pointConfidentialityRemaining unbiasedLawsPrivacy protections2.Question 2Fill in the blank: Privacy protection means safeguarding _____ from unauthorized use.1 pointdocumentationbusiness networkspersonal information compliance processes3.Question 3You receive a text message on your personal device from your manager stating that they cannot access the company’s secured online database. They’re updating the company’s monthly party schedule and need another employee’s birth date right away. Your organization’s policies and procedures state that employee information should never be accessed or shared through personal communication channels. What should you do?1 pointRequest identification from your manager to ensure the text message is authentic; then, provide the birth date.Ask your manager to provide proof of their inability to access the database. Respectfully decline, then remind your manager of the organization's guidelines.Give your manager the employee's birth date; a party is a friendly gesture.4.Question 4You work for a U.S.-based utility company that suffers a data breach. Several hacktivist groups claim responsibility for the attack. However, there is no evidence to verify their claims. What is the most ethical way to respond to this incident?1 pointConduct cyberattacks against each hacktivist group that claimed responsibility.Escalate the situation by involving other organizations that have been targeted.Improve the company's defenses to help prevent future attacks.Target a specific hacktivist group as a warning to the others.

Most of the employees and possibly even certain executives may not be given access. To ensure these policies are followed, strict regulations must be in place to determine who can see what. This is an example to ensure:Question 5Select one:a.Non-repudiationb.Integrityc.Confidentiality

An organization's IT administrator accidentally stumbles upon personal emails between employees that contain confidential information. What should the administrator do?1.0 MarksReport the accidental access to the organization's legal departmentShare the information with colleagues for amusement Blackmail employees using the sensitive informationDelete the emails to cover up the accidental accessRead and use the information to address potential issues