Finance Questions
1. GLBA repealed parts of an act. Name the act and explain why that was significant for financial institutions and insurance companies.
Glass-Steagall Act. It was significant for both financial institutions and insurance companies because now they can merge together.
2. What is another name for obtaining information under false pretenses and what does that have to do with GLBA? What is an example of a safeguard pertinent to this requirement?
Pretexting. GLBA provides limited privacy protection against the sale of private information. Organizations covered by GLBA emplace safeguards to protect against pretexting. An example would to properly train employees to recognize pretexting inquiries.
3. How does GLBA impact information systems security and the need for information systems security practitioners and professionals?
GLBA enforces standards that businesses need to comply with so customer’s information is safeguarded. This leads to mandated employee training. Also, with security professionals they can develop written policies and procedures to manage and control risks.
4. If your organization is a financial institution or insurance company that is also publicly traded, what other compliance law must you comply with?
Sarbanes-Oxley Act & Federal Information Security Management Act
5. Which one of these things does GLBA not require financial institutions to do?:
b. The law requires financial institutions to provide customers with their internal security policy.
6. Which U.S. government organization is responsible for enforcing GLBA?
Federal Reserve Board, Federal Deposit Insurance Corporation, Office of Thrift Supervision, Securities and Exchange Commission, Federal Trade Commission, Office of the Comptroller of the Currency
7. For each of the seven domains of a typical IT infrastructure, what process or procedures would you perform to obtain information about security controls and safeguards?
Each domain must have the CIA (confidentiality, integrity,
Glass-Steagall Act. It was significant for both financial institutions and insurance companies because now they can merge together.
2. What is another name for obtaining information under false pretenses and what does that have to do with GLBA? What is an example of a safeguard pertinent to this requirement?
Pretexting. GLBA provides limited privacy protection against the sale of private information. Organizations covered by GLBA emplace safeguards to protect against pretexting. An example would to properly train employees to recognize pretexting inquiries.
3. How does GLBA impact information systems security and the need for information systems security practitioners and professionals?
GLBA enforces standards that businesses need to comply with so customer’s information is safeguarded. This leads to mandated employee training. Also, with security professionals they can develop written policies and procedures to manage and control risks.
4. If your organization is a financial institution or insurance company that is also publicly traded, what other compliance law must you comply with?
Sarbanes-Oxley Act & Federal Information Security Management Act
5. Which one of these things does GLBA not require financial institutions to do?:
b. The law requires financial institutions to provide customers with their internal security policy.
6. Which U.S. government organization is responsible for enforcing GLBA?
Federal Reserve Board, Federal Deposit Insurance Corporation, Office of Thrift Supervision, Securities and Exchange Commission, Federal Trade Commission, Office of the Comptroller of the Currency
7. For each of the seven domains of a typical IT infrastructure, what process or procedures would you perform to obtain information about security controls and safeguards?
Each domain must have the CIA (confidentiality, integrity,