WGU (QCO1) Ethics In Technology Exam Practice Test Instant Access

Question 1

A bank customer recently received a mailer from a third party affiliated with the customer's bank. The customer is concerned because the mailer includes information about the customer's remaining mortgage amount.

What is a rule or provision of the Gramm-Leach-Bliley Act (GLBA) that provides a process for the customer to control this type of information?

AFinancial privacy

BPretexting

CConsumer protection

DSafeguards

Answer : A

The Gramm-Leach-Bliley Act (GLBA) is a U.S. federal law that governs the privacy and security of consumer financial information. It contains three key rules:

Financial Privacy Rule -- Regulates how financial institutions collect and disclose personal financial information.

Safeguards Rule -- Requires financial institutions to implement security programs to protect consumer data.

Pretexting Protection Rule -- Prohibits deceptive attempts to obtain personal financial information.

In this case, the Financial Privacy Rule is relevant because it provides consumers with a way to control how their financial data is shared. This rule:

Requires financial institutions to provide privacy notices detailing how they collect, use, and share customer information.

Gives customers the right to opt-out of sharing certain types of financial information with third parties.

Since the customer is concerned about their mortgage details being shared, they can use the Financial Privacy Rule to control such disclosures.

Why Not the Other Options?

B . Pretexting -- Involves identity theft or fraudulent attempts to access financial data, which is not relevant here.

C . Consumer Protection -- A broad concept that does not specifically address financial data privacy.

D . Safeguards -- Focuses on securing customer data from breaches, not on controlling data sharing.

Thus, the correct answer is A. Financial privacy as it directly addresses the customer's concern.

Reference in Ethics in Technology:

Gramm-Leach-Bliley Act (1999), 15 U.S.C. 6801-6809.

Federal Trade Commission (FTC) Guide to the GLBA Financial Privacy Rule.

Solove, D. J. (2020). The Privacy Law Fundamentals. IAPP.

Question 2

A robotics company engages an IT firm to deliver a marketing software solution. During the project, the robotics company asks for additional features that were not in the initial contract. The IT firm's project leader is unsure whether it can deliver these features but verbally agrees to the scope change. On delivery, the robotics company notes that several of the additional features are not included and that because of this, the solution is not compatible with certain legacy systems the company did not initially disclose.

Which factor might have mitigated the problem if the IT firm's project leader had abided by a professional code of ethics?

AMinimizing scope creep requests from the customer

BImproving decision-making around agreeing to additional scopes

CAvoiding the delivery of an incompatible solution

DUnderstanding the legal implications of noncontractual agreements

Answer : B

The issue in this scenario stems from scope creep---when a project's requirements expand beyond the original contract. The IT firm's project leader verbally agreed to additional features without ensuring their feasibility, leading to incomplete delivery and incompatibility issues.

By following a professional code of ethics, the project leader would have:**

Carefully assessed whether the additional scope was feasible

Formalized the agreement in writing rather than relying on verbal commitments

Ensured realistic expectations regarding system compatibility

Relevant Ethical Reference in Technology:

Project Management Ethics (PMI Code of Ethics) -- Encourages informed decision-making and clear scope agreements.

ACM & IEEE Codes of Ethics -- Stress honest communication, responsibility, and due diligence in IT projects.

Contract Law & Professional Responsibility -- Professionals should document scope changes to avoid miscommunication.

Utilitarian Ethics (Preventing Harm) -- Poor decisions on scope cause project failures and stakeholder losses.

Thus, the correct answer is B. Improving decision-making around agreeing to additional scopes, as ethical decision-making could have mitigated scope creep issues.

Question 3

An IT company adopts a professional cod of ethics suggested by a nationally recognized IT professionals organization. Which benefit to the company can be directly derived from adopting a professional code of ethics?

AGuidelines for principled decision-making

BAn evaluation benchmark

CIncreased yearly revenue

DDecreased company expenditure

Answer : A

A professional code of ethics provides a framework for ethical decision-making, guiding IT professionals in handling complex ethical dilemmas. By adopting an industry-standard ethical code, the company ensures that employees make principled decisions aligned with integrity, fairness, and responsibility.

Relevant Ethical Reference in Technology:

ACM Code of Ethics & IEEE Code of Conduct -- Set guidelines for responsible and ethical IT practices.

Corporate Governance & Ethical Leadership -- Ethical guidelines help organizations avoid unethical behavior and reputational damage.

Deontological Ethics (Duty to Act Ethically) -- Professionals must uphold ethical standards regardless of financial incentives.

Utilitarian Ethics (Long-Term Trust & Stability) -- Ethical decision-making builds public confidence in IT companies.

Thus, the correct answer is A. Guidelines for principled decision-making, as a professional code of ethics helps IT professionals navigate ethical challenges.

Question 4

Which action can IT leaders take to encourage ethical behavior in their organizational culture?

AInclude traditional criteria in employee appraisals

BOffer optional training for employees

CEstablish a chief executive officer (CEO) position

DConduct social audits and communicate goals

Answer : D

IT leaders can encourage ethical behavior by conducting social audits to evaluate the organization's ethical performance and then communicating clear goals for improvement.

A social audit is a structured evaluation of a company's ethical, social, and environmental impact, ensuring transparency and accountability. By sharing ethical goals, IT leaders create an organizational culture that values integrity and responsibility.

Relevant Ethical Reference in Technology:

Corporate Social Responsibility (CSR) -- Ethical leadership requires accountability in areas like employee welfare, environmental impact, and digital ethics.

Stakeholder Theory (Freeman, 1984) -- Ethical leadership involves transparency and engagement with employees, customers, and society.

IEEE and ACM Ethical Guidelines -- Highlight the importance of corporate ethics policies and performance reviews.

Ethical IT Governance (ITIL & ISO 26000) -- Emphasize corporate responsibility, ethical leadership, and transparency in IT decision-making.

Thus, conducting social audits and communicating ethical goals is the most effective way to promote an ethical culture.

Question 5

A consulting company employs H-1B workers. Even though companies applying for H*1B visas must offer a wage that is at least 95% of the average salary for the occupation, a close review of salaries within the consulting firm suggests that its H-1B workers are often paid 20% less on average than those with similar skill sets.

Which loophole is the company using to avoid paying H-1B workers a fair wage?

ALaying off employees with U.S. citizenship to lower the average salary numbers

BClassifying an H-1B worker as entry level when they fill a position of an experienced worker

CPressuring H-1B workers to file petitions with the government to allow lower salary

DEmploying H-1 B workers to work remotely from countries where the cost of living is lower

Answer : B

The H-1B visa program requires employers to pay foreign workers at least 95% of the average salary for their occupation. However, some companies exploit a loophole by misclassifying experienced H-1B workers as entry-level to justify paying them lower wages.

By doing this, the company artificially lowers salary expectations for H-1B workers, avoiding compliance with wage requirements while benefiting from cheaper labor.

Relevant Ethical Reference in Technology:

H-1B Wage Regulations (Department of Labor, LCA Requirements) -- Employers must accurately classify workers based on experience level.

Corporate Ethics & Fair Compensation -- Ethical labor practices ensure fair wages regardless of immigration status.

Utilitarian & Deontological Ethics -- Ethical employers should not manipulate classifications to exploit workers.

Whistleblower Protections (H-1B & Immigration Labor Laws) -- H-1B employees can report misclassification and wage exploitation.

Thus, the correct answer is B. Classifying an H-1B worker as entry level when they fill a position of an experienced worker, as it allows employers to pay lower wages unfairly.

Question 6

An underage actor is admitted to a local hospital. A nurse from another department wants to know what the patient's ailment is. The nurse accesses the patient's medical record and is subsequently flagged for unauthorized access.

Which law has the nurse violated?

AElectronic Communications Privacy Act (ECPA)

BHealth Insurance Portability and Accountability Act (HIPAA)

CGramm-Leach-Bliley Act (GLBA)

DChildren's Online Privacy Protection Act (COPPA)

US. Department of Health & Human Services (HHS) HIPAA Guidelines.
Solove, D. J. (2019). Understanding Privacy.

Answer : B

The Health Insurance Portability and Accountability Act (HIPAA) protects the privacy of patient health records and restricts unauthorized access to Protected Health Information (PHI).

Why HIPAA applies to this case:

The nurse accessed the patient's medical records without authorization, violating the HIPAA Privacy Rule.

HIPAA mandates that only authorized healthcare professionals involved in patient care can access medical records.

Unauthorized access is considered a HIPAA violation, which can result in penalties and disciplinary action.

Why Not the Other Options?

A . Electronic Communications Privacy Act (ECPA) -- Protects electronic communications from government surveillance but does not apply to medical records.

C . Gramm-Leach-Bliley Act (GLBA) -- Regulates financial data privacy, not medical information.

D . Children's Online Privacy Protection Act (COPPA) -- Protects children's data on websites and apps but does not cover hospital records.

Thus, the correct answer is B. Health Insurance Portability and Accountability Act (HIPAA) as it enforces strict privacy rules for patient medical records.

Reference in Ethics in Technology:

Health Insurance Portability and Accountability Act (HIPAA) (1996), 45 CFR Parts 160 and 164.

Question 7

A malicious hacker takes over several computers via the internet and causes them to flood a target site with high volumes of data queries and other small tasks. Which type of attack is the hacker performing against the target site?

AZero-day exploit

BRansomware

CDenial-of-service (DoS)

DWorm

Answer : C

A Denial-of-Service (DoS) attack is a cyberattack in which a hacker floods a target system with an overwhelming amount of requests, causing it to crash, slow down, or become unavailable. In this scenario, the hacker takes over multiple computers and forces them to flood a target site, which is a Distributed Denial-of-Service (DDoS) attack, a more advanced form of DoS.

Relevant Ethical Reference in Technology:

Cybersecurity Ethics (ACM & IEEE Codes of Ethics) -- DoS attacks violate ethical and legal principles, causing harm to organizations and users.

Hacking Ethics (White Hat vs. Black Hat Ethics) -- Ethical hackers prevent DoS attacks, whereas malicious hackers exploit vulnerabilities.

Cybercrime Laws (Computer Fraud and Abuse Act, GDPR, CFAA) -- DoS attacks are illegal and punishable under international cybersecurity laws.

Utilitarian Perspective on Cybersecurity -- Defending against DoS attacks protects public and private digital infrastructure, benefiting society.

Thus, the correct answer is C. Denial-of-service (DoS), as the hacker floods the target site with excessive data queries.

WGU Ethics In Technology QCO1 WGU (QCO1) Ethics In Technology Exam Practice Test