Network Security CISSP-Discussion

[CISSP-D] Re: Laws and Ethics domain Question.

Subject: [CISSP-D] Re: Laws and Ethics domain Question.
Date: Mon, 20 Jun 2005 13:58:41 -0000
It is widely regarded that past CISSP tests would require knowledge 
of many US cyber crime laws. These would include the following:

- The Privacy Act of 1974
- Computer Fraud and Abuse Act of 1984 (and related amendments)
- Computer Security Act of 1987 (perhaps GISRA - 2000 and FISMA 2003)
- Electronic Communications Privacy Act (1986)
- HIPAA (1996)
- GLBA (1999)
- Children's Online Privacy Protection Act (COPPA) (1998)
- Family Educational Rights and Privacy Act
- USA Patriot Act 

However, we all know that the ISC2 is hoping to make the CISSP test 
much more international. Their first attempt at this was rather lame 
as seen in the recent CBK outline that stated that we should all 
know international laws such as EU law, Muslim Law, etc. This was a 
lame attempt since it gave no practical advice on "what" we would 
need to know about these different legal codes.

I believe the latest attempt is the best yet (as seen in the CISSP 
survey sent out last week). In this survey ISC2 revealed an actual 
outline for what we need to know about international laws. These are 
more concepts than actual laws and include the following:

- different rules of evidence
- different rules regarding IP (know US IP laws vs. WIPO laws)
- "trans-border information flow" (makes drawing lines difficult)
- exportation restrictions (regarding encryption)
- different rules and definitions of fraud

I know this may not narrow down your studying, but perhaps it will 
open a thread of discussion where others can add to the info 
provided above.

Regards,

Doug Landoll, CISSP, CISA
President, Veridyn Inc.
(512) 310-2228








--- In CISSP-Discuss@yahoogroups.com, "Nadeem Rafi" <nrafi@j...> 
wrote:
Dear All,
 
Can anyone provide information about the CISSP domain "Laws and 
Ethics"? Is it necessary to know about USA-specific laws as being 
non-USA related? If not, then please let me know which laws are 
expected to be on the list, and if unfortunately yes, then what 
are "those USA specific" laws which we have to study?
 
Best Regards,
 
 
Nadeem Rafi







 