National NSA/DHS Centers of Academic Excellence in Information Assurance/Cyber Defense

One of the knowledge units is called:

Policy, Legal, Ethics and Compliance

The purpose is to ensure that students understand “information assurance in context and the rules and guidelines that control them.”

The topics are:


 Computer Security Act

 Sarbanes – Oxley

 Gramm – Leach – Bliley

 Privacy (COPPA)

 Payment Card Industry Data Security Standard (PCI DSS)

 State, US and international standards / jurisdictions

 Laws and Authorities

 US Patriot Act

 BYOD issues

 Americans with Disabilities Act, Section 508

The intended outcomes are:

 Students shall be able to list the applicable laws and policies related to cyber defense and describe the major components of each pertaining to the storage and transmission of data.

 Students shall be able to describe their responsibilities related to
the handling of information about vulnerabilities.

 Students will be able to describe how the type of legal dispute
(civil, criminal, private) affects the evidence used to resolve it.

HW4proj & HW4case

HW4proj, due Monday Mar. 6, 2017

Note: Professional neatness and clarity of format count! Follow this template. 

  • Make a blog entry titled “HW4proj.” If your term project (see “Course Information” tab for details) is a paper, write 449 words or more and put it in the blog. Do not include any material already in a previous blog entry. To see the word count, copy into MS Word and look at the little status bar in the lower left corner of its window. OpenOffice Writer has a tool that you can click on to find out the # of words. Let me know if you can’t find it.
  • If your project is not a paper, do the equivalent amount of work. Explain what you did on your blog. For team projects, focus on your own activities although you can also discuss the overall effort to provide some context. Explain and give evidence (for example, if a web site, you could provide a link to it; if software, give the code; if a skit, give some of the script or list rehearsal or meeting times; etc.).  If you’re not sure what to do, see me or send me an email and I will try to suggest something.
  • Format your blog entry consistently with the template.


Due dates for in-class students:

  • Q1 is due Tuesday, Mar. 7, 2017 at the beginning of class
  • Q2 is due Tuesday or Thursday, Mar. 7 or 9, 2017, during class
  • Q3 is due Monday, Mar. 13, 2017

Due date for online students:

  • All Qs due Monday, Mar. 13, 2017

Note i: Professional neatness and clarity of format counts! In-class students see this example. Online students see this example.

Note ii: in this HW, your case should be an actual code of ethics that you find on the web.

1. Prepare notes on a code of ethics (which will be your case study for this HW). If you are an in-class student, these should be usable in class for presenting your ethics case to your group and leading the group in discussing it on Tuesday or Thursday. (Online students can use them to help with the other parts of this HW.) In-class students (due Tu 3/7/17 before class): you will use these notes in class, so show them to me right before class so I can note down that you get credit for Q1:

  • Print them out on paper, or
  • Write them by hand on a sheet of paper, or
  • Display them on a smartphone, tablet, or laptop (not the desk computer in the classroom, because group dynamics work better when the discussion leader does not need to face or turn toward a stationary computer).

Online students: post your notes to your blog.

Your notes should include the following.

  • A link or other citation to the case you are using, or if it is from personal experience, point that out.
  • A list of 8 or more important facts about the case. These could help you tell your group members or anyone or remind yourself what the case is all about.
  • A list of questions (6 or more) you could ask your group members in order to get an interesting and enlightening discussion going (for in-class students), or that you could consider yourself or ask someone else about (for online students); see the “Questions to ask during discussion” tab on the course web page for some suggestions in developing your discussion questions.

2. In-class students: On either Tuesday or Thursday, explain your case to your group and lead discussion on it. Divide the two 50-minute classes into parts so that each person in your group gets to lead discussion about their case. It is ok, however, if some discussions end up taking longer than others, as long as everyone gets a turn.When another member of your discussion group is leading, help them out, and sharpen your thinking skills, by listening and participating in the discussion. Doing other things, using your phone, etc., will lose points. NOTE: When another member of your discussion group is leading, help them by participating in the discussion.

Online students: Explain the case and discuss the questions you devised about it. Post this on your blog.

3. Write up your case on your blog with the following subheadings:

  • “The facts of the case.” Here is where you describe the case in your own words.
  • “My conclusions.” Your conclusions and opinions about the case. Be sure to explain and justify what you write. 3 sentences of average length or more.
  • “Future environment.” Describe your vision of a future in which technology is more advanced than today, or society has changed in some significant way, such that the ethical issues of the case would be even more important than they are in today’s world. 3 sentences of average length or more.
  • “Future scenario.” Describe how this ethical case (or an analogous one) would or should play out in the environment of the future, and give your opinions about it. 3 sentences of average length or more.