매달, 우리는 1000명 이상의 사람들이 시험 준비를 잘하고 시험을 잘 통과할 수 있도록 도와줍니다.
WGU Ethics In TechnologyQCO1 온라인 연습
최종 업데이트 시간: 2025년12월09일
당신은 온라인 연습 문제를 통해 WGU Ethics In Technology 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 Ethics In Technology 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 66개의 시험 문제와 답을 포함하십시오.
정답:
Explanation:
The Fourth Amendment to the U.S. Constitution protects individuals from unreasonable searches and seizures by the government or entities acting in ways that violate privacy rights. When a social media platform collects microphone data without explicit consent, it potentially infringes on users’ reasonable expectation of privacy, raising Fourth Amendment concerns.
While the Fourth Amendment traditionally applies to government actions, legal debates have emerged over whether private companies collecting excessive personal data should be subject to similar scrutiny under privacy laws and regulations such as the Electronic Communications Privacy Act (ECPA) and the Stored Communications Act (SCA).
Relevant Ethical Reference in Technology:
Fourth Amendment & Digital Privacy (Carpenter v. United States, 2018) C The U.S. Supreme Court ruled that warrantless collection of personal digital data can violate the Fourth Amendment.
Ethical Data Collection & Consent (GDPR, CCPA) C Using microphone data without user consent is ethically and legally questionable.
Big Tech & Surveillance Ethics C Ethical concerns arise when tech companies engage in excessive data collection without transparency.
Deontological Ethics (Duty to Respect Privacy) C Data collection should prioritize user rights over profit-driven surveillance.
Thus, the correct answer is
B. Fourth Amendment, as the company’s actions raise concerns about unlawful data collection and digital privacy violations.
정답:
Explanation:
The Health Insurance Portability and Accountability Act (HIPAA) protects the privacy of patient health records and restricts unauthorized access to Protected Health Information (PHI).
Why HIPAA applies to this case:
The nurse accessed the patient’s medical records without authorization, violating the HIPAA Privacy Rule.
HIPAA mandates that only authorized healthcare professionals involved in patient care can access medical records.
Unauthorized access is considered a HIPAA violation, which can result in penalties and disciplinary action.
Why Not the Other Options?
A. Electronic Communications Privacy Act (ECPA) C Protects electronic communications from government surveillance but does not apply to medical records.
C. Gramm-Leach-Bliley Act (GLBA) C Regulates financial data privacy, not medical information.
D. Children's Online Privacy Protection Act (COPPA) C Protects children’s data on websites and apps but does not cover hospital records.
Thus, the correct answer is B. Health Insurance Portability and Accountability Act (HIPAA) as it enforces strict privacy rules for patient medical records.
Reference in Ethics in Technology:
Health Insurance Portability and Accountability Act (HIPAA) (1996), 45 CFR Parts 160 and 164.
U.S. Department of Health & Human Services (HHS) HIPAA Guidelines.
Solove, D. J. (2019). Understanding Privacy.
정답:
Explanation:
The Gramm-Leach-Bliley Act (GLBA) governs the collection, protection, and disclosure of personally identifiable financial information (PII) by financial institutions, including credit reporting agencies.
Why GLBA applies to this case:
Credit reporting agencies handle sensitive consumer financial data, making them subject to GLBA regulations.
The Financial Privacy Rule under GLBA dictates how financial institutions must collect and disclose
PII.
The Safeguards Rule requires companies to appoint a Data Protection Officer (DPO) to oversee data security practices.
Why Not the Other Options?
A. Securities Exchange Act C Governs stock trading and financial disclosures, not PII protection.
B. Sarbanes-Oxley Act (SOX) C Focuses on corporate financial reporting and accounting fraud, not data privacy.
D. Bank Secrecy Act (BSA) C Primarily deals with money laundering and financial crime detection, not consumer data protection.
Thus, the correct answer is
C. Gramm-Leach-Bliley Act (GLBA) as it regulates the collection and protection of financial PII.
Reference in Ethics in Technology:
Gramm-Leach-Bliley Act (1999), 15 U.S.C. §§ 6801-6809.
Federal Trade Commission (FTC) Guide on GLBA Compliance.
Solove,
D. J. (2020). The Privacy Law Fundamentals.
정답:
Explanation:
Employers have the right to reject candidates based on public social media content that suggests illegal activity or violates company policies.
Why is drug use a valid reason for dismissal?
Illegal drug use may violate company policies and raise concerns about reliability, safety, and professionalism.
Many industries, especially cybersecurity and government-related jobs, require security clearances, which prohibit drug use.
U.S. employment laws allow employers to consider illegal drug use when making hiring decisions, provided they do not discriminate based on protected characteristics.
Why Not the Other Options?
A. Posts indicating pregnancy C Pregnancy is a protected characteristic under Title VII of the Civil Rights Act (Pregnancy Discrimination Act) and cannot be used to reject a candidate.
B. Self-identified gender C Gender identity is protected under anti-discrimination laws (e.g., U.S. EEOC guidelines).
C. Age discrepancy in photos C Employers must avoid age discrimination under the Age Discrimination in Employment Act (ADEA).
Thus, the correct answer is
D. Photos depicting use of drugs, as it may legally justify disqualification based on company policies and workplace safety requirements.
Reference in Ethics in Technology:
U.S. Equal Employment Opportunity Commission (EEOC) Guidelines.
U.S. Title VII of the Civil Rights Act (1964).
Age Discrimination in Employment Act (ADEA) (1967).
정답:
Explanation:
A zero-day exploit is a cyberattack that takes advantage of an unknown vulnerability in software, firmware, or hardware before a patch is available.
Key characteristics of a zero-day exploit:
The system was up-to-date on all patches and updates, meaning no known vulnerabilities should have been present.
The antivirus did not detect any malicious code, which suggests that the attack exploited an unknown flaw.
The worker did not engage in any behavior that introduced malware, ruling out traditional malware delivery methods.
Since zero-day exploits target vulnerabilities that have not yet been discovered or fixed, the attack likely bypassed existing security defenses.
Why Not the Other Options?
A. Blended Threat: A combination of multiple attack methods (e.g., worms, Trojans, and phishing), but the scenario suggests a single point of failure.
B. Trojan Horse: Requires the worker to unknowingly install malicious software, which was not the case here.
C. Spear Phishing: Involves a targeted deceptive email, but there is no indication that the worker
clicked on a fraudulent link or downloaded a malicious file.
Thus, the correct answer is
D. Zero-day exploit as it best explains the system compromise despite all security measures being up to date.
Reference in Ethics in Technology:
Schneier,
B. (2015). Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World.
Mitre ATT&CK Framework - Zero-day Exploits.
OWASP Top Ten Security Risks (2023).
정답:
Explanation:
A Denial-of-Service (DoS) attack is a cyberattack in which a hacker floods a target system with an overwhelming amount of requests, causing it to crash, slow down, or become unavailable. In this scenario, the hacker takes over multiple computers and forces them to flood a target site, which is a Distributed Denial-of-Service (DDoS) attack, a more advanced form of DoS.
Relevant Ethical Reference in Technology:
Cybersecurity Ethics (ACM & IEEE Codes of Ethics) C DoS attacks violate ethical and legal principles, causing harm to organizations and users.
Hacking Ethics (White Hat vs. Black Hat Ethics) C Ethical hackers prevent DoS attacks, whereas malicious hackers exploit vulnerabilities.
Cybercrime Laws (Computer Fraud and Abuse Act, GDPR, CFAA) C DoS attacks are illegal and punishable under international cybersecurity laws.
Utilitarian Perspective on Cybersecurity C Defending against DoS attacks protects public and private digital infrastructure, benefiting society.
Thus, the correct answer is
C. Denial-of-service (DoS), as the hacker floods the target site with excessive data queries.
정답:
Explanation:
Workplace monitoring refers to the collection and analysis of employee data to improve workflow efficiency, productivity, and business operations. It involves tracking metrics such as work hours, system usage, and productivity patterns―all while ensuring the data is used strictly for business purposes.
Relevant Ethical Reference in Technology:
Workplace Privacy Ethics C Ethical monitoring should balance business needs with employee privacy rights.
Surveillance Ethics (Foucault, 1975) C Excessive monitoring could violate employee autonomy, making ethical boundaries crucial.
Corporate Governance & Employee Rights (ISO 27001, GDPR) C Transparency and consent are
required when monitoring employee data.
Deontological Ethics (Kantian Ethics) C Treats employees as ends rather than means, ensuring fair workplace practices.
Thus,
C. Workplace monitoring is the correct answer since the organization collects aggregate employee data to improve workflow.
정답:
Explanation:
Consumer profiling is the practice of collecting and analyzing consumer data―including demographic, geographic, and behavioral attributes―to optimize sales strategies, enhance marketing efforts, and personalize customer experiences.
In this scenario, the organization gathers various types of customer data to improve its sales processes, which is a clear example of consumer profiling rather than surveillance or workplace monitoring.
Relevant Ethical Reference in Technology:
Privacy and Data Ethics (GDPR, CCPA) C Consumer profiling raises ethical concerns about informed consent, transparency, and data protection.
Big Data Ethics (Tene & Polonetsky, 2012) C Ethical consumer profiling must ensure fair use, avoidance of bias, and non-discriminatory practices.
Utilitarian vs. Deontological Perspectives C While profiling improves customer experiences, it must not violate privacy rights or enable unethical targeting.
ACM Code of Ethics C Encourages responsible collection, use, and protection of consumer data.
Thus, since the company is gathering consumer data to optimize sales, the correct answer is D.
Consumer profiling.
정답:
Explanation:
The OECD Privacy Guidelines establish principles for protecting personal data, and Individual Participation is the principle that grants individuals the right to:
Access their personal data
Challenge incorrect data
Request corrections to inaccurate information
This ensures transparency and gives individuals control over their own information.
Why Not the Other Options?
B. Purpose Specification C Requires data collection to have a clear, specific purpose, but does not grant individuals the right to review their data.
C. Use Limitation C Limits how collected data can be used but does not focus on individual rights.
D. Security Safeguard C Ensures data protection measures but does not relate to individuals reviewing their data.
Thus, the correct answer is
A. Individual participation, as it upholds the right to access and correct personal information.
Reference in Ethics in Technology:
OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (1980, updated 2013).
General Data Protection Regulation (GDPR) (2018), Articles 15-16.
Solove,
D. J. (2020). Understanding Privacy. Harvard University Press.
정답:
Explanation:
The Financial Privacy Rule of the Gramm-Leach-Bliley Act (GLBA) allows consumers to control how their personal financial information is shared through an opt-out mechanism.
Why is "Opt-Out" a Threat to Data Privacy?
The opt-out model assumes that consumers consent to having their data shared unless they take action to refuse.
Many consumers may not be aware of their right to opt-out, leading to widespread data sharing without explicit consent.
This is less privacy-protective than an opt-in model, where consumers must actively give permission before their data is shared.
Why Not the Other Options?
A. Opt-in C This would enhance privacy, not threaten it.
B. Safeguard C Refers to data security, not data-sharing policies.
D. Pretexting C Involves fraudulent access to financial data, which is a different issue.
Thus, the correct answer is
C. Opt-out, as it weakens consumer privacy protections by allowing data sharing unless the consumer takes action.
Reference in Ethics in Technology:
Gramm-Leach-Bliley Act (1999), 15 U.S.C. §§ 6801-6809.
Federal Trade Commission (FTC) Guide to GLBA Opt-Out Provisions.
Nissenbaum, H. (2010). Privacy in Context: Technology, Policy, and the Integrity of Social Life.
정답:
Explanation:
The Fair Credit Reporting Act (FCRA) is a U.S. law that regulates who can access a person’s credit data and how credit reporting agencies handle consumer information.
Key Provisions of FCRA:
Limits access to credit reports to entities with a "permissible purpose" (e.g., lenders, employers, landlords).
Gives consumers the right to dispute inaccurate credit report information. Mandates credit reporting agencies to ensure the accuracy and privacy of credit data.
Why Not the Other Options?
A. Fair and Accurate Credit Transactions Act (FACTA) C Amends FCRA but focuses more on preventing
identity theft, not on access to credit data.
B. General Data Protection Regulation (GDPR) C A European law protecting personal data, but does not specifically regulate credit reporting.
C. European Union Data Protection Directive C The predecessor of GDPR, also unrelated to U.S.
credit laws.
Thus, the correct answer is
D. Fair Credit Reporting Act (FCRA) as it governs access to credit data.
Reference in Ethics in Technology:
Fair Credit Reporting Act (1970), 15 U.S.C. § 1681.
Federal Trade Commission (FTC) Guide on FCRA.
Solove, D. J. (2019). Nothing to Hide: The False Tradeoff Between Privacy and Security.
정답:
Explanation:
The Gramm-Leach-Bliley Act (GLBA) is a U.S. federal law that governs the privacy and security of consumer financial information.
It contains three key rules:
Financial Privacy Rule C Regulates how financial institutions collect and disclose personal financial information.
Safeguards Rule C Requires financial institutions to implement security programs to protect consumer data.
Pretexting Protection Rule C Prohibits deceptive attempts to obtain personal financial information.
In this case, the Financial Privacy Rule is relevant because it provides consumers with a way to control how their financial data is shared. This rule:
Requires financial institutions to provide privacy notices detailing how they collect, use, and share customer information.
Gives customers the right to opt-out of sharing certain types of financial information with third parties.
Since the customer is concerned about their mortgage details being shared, they can use the Financial Privacy Rule to control such disclosures.
Why Not the Other Options?
B. Pretexting C Involves identity theft or fraudulent attempts to access financial data, which is not relevant here.
C. Consumer Protection C A broad concept that does not specifically address financial data privacy.
D. Safeguards C Focuses on securing customer data from breaches, not on controlling data sharing.
Thus, the correct answer is
A. Financial privacy as it directly addresses the customer’s concern.
Reference in Ethics in Technology:
Gramm-Leach-Bliley Act (1999), 15 U.S.C. §§ 6801-6809.
Federal Trade Commission (FTC) Guide to the GLBA Financial Privacy Rule.
Solove,
D. J. (2020). The Privacy Law Fundamentals. IAPP.
정답:
Explanation:
A social audit is the process of evaluating a company’s ethical, social, and corporate responsibility performance. The executive team reviewed past ethical and social responsibility efforts, set new goals, and shared the results with employees and the board, which aligns directly with a social audit.
Relevant Ethical Reference in Technology:
Business Ethics and Corporate Accountability C Companies must evaluate their social and ethical impact to maintain ethical leadership.
Ethical IT Management (ISO 26000 & CSR Frameworks) C Businesses should regularly assess their ethical and social impact.
Transparency and Ethical Leadership C Sharing findings with employees and stakeholders promotes a culture of accountability.
IT and Digital Ethics C Ethical technology use involves regular review and reassessment of ethical
commitments.
Since the company reviewed its ethical and social responsibility goals and communicated them, it completed a social audit (D is the correct answer).
정답:
Explanation:
IT leaders can encourage ethical behavior by conducting social audits to evaluate the organization's ethical performance and then communicating clear goals for improvement.
A social audit is a structured evaluation of a company’s ethical, social, and environmental impact, ensuring transparency and accountability. By sharing ethical goals, IT leaders create an organizational culture that values integrity and responsibility.
Relevant Ethical Reference in Technology:
Corporate Social Responsibility (CSR) C Ethical leadership requires accountability in areas like employee welfare, environmental impact, and digital ethics.
Stakeholder Theory (Freeman, 1984) C Ethical leadership involves transparency and engagement
with employees, customers, and society.
IEEE and ACM Ethical Guidelines C Highlight the importance of corporate ethics policies and performance reviews.
Ethical IT Governance (ITIL & ISO 26000) C Emphasize corporate responsibility, ethical leadership, and transparency in IT decision-making.
Thus, conducting social audits and communicating ethical goals is the most effective way to promote an ethical culture.
정답:
Explanation:
The first step in ethical decision-making for IT professionals is to develop a problem statement, which involves clearly identifying and defining the ethical issue at hand. Before choosing solutions, an IT professional must fully understand the nature and scope of the problem.
Relevant Ethical Reference in Technology:
Ethical Decision-Making Models C Models like the Kidder Ethical Decision-Making Model and Rest’s Four-Component Model emphasize problem identification as the first step.
ACM Code of Ethics C Encourages IT professionals to assess issues carefully before taking action.
Deontological Ethics (Kantian Ethics) C Ethical decisions require a clear understanding of duty and obligations, which begins with defining the problem.
Business & IT Governance (COBIT Framework) C Ethical IT management requires problem assessment before action.
Thus, the correct first step in ethical decision-making is
B. Develop a problem statement