CISSP-ISSEP · Question #182
Which of the following federal laws is designed to protect computer data from theft?
The correct answer is B. Computer Fraud and Abuse Act (CFAA). B (CFAA) is correct because the Computer Fraud and Abuse Act (1986) is the primary federal law that criminalizes unauthorized access to computers and the theft of data, making it the go-to statute for prosecuting computer-related crimes and data breaches. Why the distractors are
Question
Which of the following federal laws is designed to protect computer data from theft?
Options
- AFederal Information Security Management Act (FISMA)
- BComputer Fraud and Abuse Act (CFAA)
- CGovernment Information Security Reform Act (GISRA)
- DComputer Security Act
How the community answered
(45 responses)- B91% (41)
- C2% (1)
- D7% (3)
Explanation
B (CFAA) is correct because the Computer Fraud and Abuse Act (1986) is the primary federal law that criminalizes unauthorized access to computers and the theft of data, making it the go-to statute for prosecuting computer-related crimes and data breaches.
Why the distractors are wrong:
- A (FISMA) focuses on requiring federal agencies to develop security programs - it's about compliance frameworks, not criminalizing data theft.
- C (GISRA) was a predecessor to FISMA, also focused on federal agency security management requirements, not criminal prosecution of theft.
- D (Computer Security Act of 1987) tasked NIST with setting security standards for federal systems - again, a standards/management law, not an anti-theft criminal statute.
Memory tip: Think "Fraud and Abuse → Criminal Act" - the CFAA has the words Fraud and Abuse in its name, signaling it's the one that goes after bad actors, while the others (FISMA, GISRA, CSA) are all about internal government security management.
Topics
Community Discussion
No community discussion yet for this question.