A credit reporting agency collects personally identifiable information (PII) from customers. The agency appoints a data protection officer (DPO), who is responsible for overseeing the agency's data protection strategy and enforcing data compliance requirements.
Which legislation should the DPO use as the basis for governing the collection and disclosure of PII?
Answer : C
The Gramm-Leach-Bliley Act (GLBA) governs how financial institutions collect, protect, and disclose customers' nonpublic personal information (NPI), the financial PII at issue here. GLBA's definition of "financial institution" covers any business significantly engaged in financial activities, and credit reporting is one of those activities, so credit reporting agencies fall under it.
Why GLBA applies to this case:
Credit reporting agencies handle sensitive consumer financial data, making them subject to GLBA regulations.
The Financial Privacy Rule under GLBA dictates how financial institutions must collect and disclose PII.
The Safeguards Rule requires each covered company to maintain a written information security program and to designate a qualified individual to oversee it; the agency's DPO fills that oversight role here.
Why Not the Other Options?
A . Securities Exchange Act -- Governs stock trading and financial disclosures, not PII protection.
B . Sarbanes-Oxley Act (SOX) -- Focuses on corporate financial reporting and accounting fraud, not data privacy.
D . Bank Secrecy Act (BSA) -- Primarily deals with money laundering and financial crime detection, not consumer data protection.
Thus, the correct answer is C. Gramm-Leach-Bliley Act (GLBA) as it regulates the collection and protection of financial PII.
Reference in Ethics in Technology:
Gramm-Leach-Bliley Act (1999), 15 U.S.C. 6801-6809.
Federal Trade Commission (FTC) Guide on GLBA Compliance.
Solove, D. J. (2020). The Privacy Law Fundamentals.
An organization plans to hire three external software engineers to build client software to connect its lightweight wireless devices to the cloud. It will do so according to specific terms and a specific duration defined in a legal document. The duration of the work will be six months.
Which workforce category should the organization hire within?
Answer : D
Since the organization is hiring external software engineers for a fixed six-month project, independent contractors are the best option.
Why Independent Contractors?
They work on a project basis, as defined in a legal contract.
The organization does not provide full-time benefits.
Contractors are specialists hired for short-term needs, making them ideal for temporary projects.
Why Not the Other Options?
A . Full-time employees: Not suitable, as the work is temporary (six months only).
B . In-house expertise: The company is hiring external workers, not relying on existing staff.
C . Part-time salaried workers: Salaried employees, even part-time ones, are on the payroll for an open-ended period; the organization instead needs external specialists engaged for a defined term under a contract.
Thus, the correct answer is D. Independent contractors, as they are ideal for temporary project-based work.
An organization's security policy states that only authorized employees are granted access to the payroll database. During the onboarding process, two newly hired employees realize they have been erroneously granted access to the payroll database.
Which security practice has been violated?
Answer : D
Confidentiality ensures that only authorized personnel have access to sensitive information.
Why Confidentiality Was Violated?
Payroll information is sensitive and should be accessible only to authorized employees.
The erroneous access granted to new hires means private financial information is at risk.
Confidentiality is a fundamental principle in cybersecurity, ensuring that data is accessed only by those who need it.
Why Not the Other Options?
A . Availability -- Ensures systems remain operational, but this case concerns unauthorized access, not system downtime.
B . Accessibility -- Relates to making data usable for authorized individuals, but this case involves an unauthorized access issue.
C . Integrity -- Ensures data remains accurate and unaltered, but the issue here is privacy, not data accuracy.
Thus, the correct answer is D. Confidentiality, as it ensures that only authorized users can access sensitive information.
Reference in Ethics in Technology:
National Institute of Standards and Technology (NIST) Cybersecurity Framework.
ISO/IEC 27001: Information Security Management Systems.
A customer places an order for a product on an e-commerce site after reviewing the quantity and pricing on the online form. The customer then receives an email confirmation that displays different pricing than the order form. The customer reports the discrepancy to customer service.
Which security practice is this customer addressing?
Answer : A
Integrity ensures that information stays accurate, complete, and unaltered except by authorized, intended changes. The price the customer reviewed on the order form and the price in the confirmation email differ, so the order data was modified or recorded inconsistently somewhere between submission and confirmation.
Why Integrity?
The values the customer authorized (quantity and price on the form) no longer match the values the system acted on, which is exactly what integrity controls exist to prevent and detect.
Typical controls include server-side validation of every submitted field, treating the catalog rather than the client as the source of truth for prices, and reconciling the confirmation against the stored order record before it is sent.
Why Not the Other Practices?
Confidentiality is not at issue: no information was disclosed to anyone unauthorized.
Availability is not at issue: the site accepted the order and the confirmation email was delivered.
Thus, the practice the customer is addressing is integrity, because the order data changed between what was shown and what was confirmed.
Reference in Ethics in Technology:
FIPS 199 (NIST), which defines integrity as guarding against improper information modification or destruction.
ISO/IEC 27001: Information Security Management Systems.
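As an added worked example (not part of the original page or its answer key), the following Python shows one way a shop can protect the integrity of the order in the scenario above: the server signs the price it displayed with an HMAC, refuses any submission whose fields no longer match that signature, and builds the confirmation only from verified fields, so the confirmation cannot show a price the customer never saw. The catalog, key, timestamps and order values are constructed for the example; in production the key comes from a secrets manager and the catalog from the database.

```python
"""Order-integrity check: bind the price the customer saw to the order they submit.

Constructed example, not code from the original page. A real shop keeps the
catalog in a database and the HMAC key in a secrets manager; both are inline
here so the script runs offline.
"""
import hashlib
import hmac
import json
import time
from decimal import Decimal
from typing import Optional, Tuple

# Assumed server-side secret; in production load it from a secrets manager.
SERVER_KEY = b"example-key-do-not-use-in-production"

# Constructed catalog: the only authoritative source of prices.
CATALOG = {"SKU-100": Decimal("19.99"), "SKU-200": Decimal("5.50")}


def _canonical(fields: dict) -> bytes:
    # Stable serialization so the signature covers exactly these values.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def _sign(payload: bytes) -> str:
    return hmac.new(SERVER_KEY, payload, hashlib.sha256).hexdigest()


def render_order_form(sku: str, qty: int, now: Optional[float] = None) -> dict:
    """Build the values shown to the customer plus an HMAC over them.

    The token commits the server to (sku, qty, unit_price, expires), so a
    later submission can be checked against exactly what the customer saw.
    """
    now = time.time() if now is None else now
    form = {
        "sku": sku,
        "qty": qty,
        "unit_price": str(CATALOG[sku]),
        "expires": int(now) + 15 * 60,  # quote valid for 15 minutes
    }
    form["token"] = _sign(_canonical(form))
    return form


class OrderRejected(Exception):
    pass


def submit_order(form: dict, now: Optional[float] = None) -> dict:
    """Validate a submitted form and produce the confirmation record.

    Rejects if the token does not match the signed fields (client edited the
    price or quantity), if the quote expired, or if the catalog price changed
    since the quote. The confirmation is derived only from verified fields.
    """
    now = time.time() if now is None else now
    fields = {k: form[k] for k in ("sku", "qty", "unit_price", "expires")}
    expected = _sign(_canonical(fields))
    if not hmac.compare_digest(expected, str(form.get("token", ""))):
        raise OrderRejected("order fields do not match what was quoted")
    if now > fields["expires"]:
        raise OrderRejected("quote expired; re-render the form")
    unit_price = Decimal(fields["unit_price"])
    if unit_price != CATALOG.get(fields["sku"]):
        raise OrderRejected("catalog price changed since quote; re-quote")
    if not isinstance(fields["qty"], int) or fields["qty"] <= 0:
        raise OrderRejected("invalid quantity")
    total = unit_price * fields["qty"]
    return {"sku": fields["sku"], "qty": fields["qty"],
            "unit_price": str(unit_price), "total": str(total)}


def demo() -> Tuple[str, str]:
    """Honest submission vs. a client that edits the price before posting."""
    form = render_order_form("SKU-100", 3, now=1_700_000_000)
    honest = submit_order(dict(form), now=1_700_000_010)
    tampered = dict(form, unit_price="0.01")  # price edited in the browser
    try:
        submit_order(tampered, now=1_700_000_010)
        outcome = "accepted"
    except OrderRejected as exc:
        outcome = str(exc)
    return honest["total"], outcome


if __name__ == "__main__":
    print(demo())
```

The design point is that the client never becomes the source of truth: the displayed price is only trusted because the server can prove it issued it, and the confirmation is generated from the same verified record, so a mismatch like the one the customer reported cannot be produced by anything short of a compromised server or key.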
A robotics company engages an IT firm to deliver a marketing software solution. During the project, the robotics company asks for additional features that were not in the initial contract. The IT firm's project leader is unsure whether it can deliver these features but verbally agrees to the scope change. On delivery, the robotics company notes that several of the additional features are not included and that because of this, the solution is not compatible with certain legacy systems the company did not initially disclose.
Which factor might have mitigated the problem if the IT firm's project leader had abided by a professional code of ethics?
Answer : B
The issue in this scenario stems from scope creep, when a project's requirements expand beyond the original contract. The IT firm's project leader verbally agreed to additional features without ensuring their feasibility, leading to incomplete delivery and incompatibility issues.
By following a professional code of ethics, the project leader would have:
Carefully assessed whether the additional scope was feasible
Formalized the agreement in writing rather than relying on verbal commitments
Ensured realistic expectations regarding system compatibility
Relevant Ethical Reference in Technology:
Project Management Ethics (PMI Code of Ethics) -- Encourages informed decision-making and clear scope agreements.
ACM & IEEE Codes of Ethics -- Stress honest communication, responsibility, and due diligence in IT projects.
Contract Law & Professional Responsibility -- Professionals should document scope changes to avoid miscommunication.
Utilitarian Ethics (Preventing Harm) -- Poor decisions on scope cause project failures and stakeholder losses.
Thus, the correct answer is B. Improving decision-making around agreeing to additional scopes, as ethical decision-making could have mitigated scope creep issues.
A company needs to fill a specialized, long-term engineering role. The worker in this role needs to work on-site and use a company-provided laptop for security. The company's corporate code of ethics dictates that it should prioritize economic empowerment in its local community. The company has not been successful in sourcing local candidates.
Which type of worker should the company consider expanding its candidate pool to include?
Answer : A
The H-1B visa program allows U.S. companies to hire highly skilled foreign professionals when qualified local candidates are unavailable. Since the company needs a specialized, long-term engineering role that requires on-site work and prioritizes local economic empowerment, expanding the search to include H-1B visa workers is the best option.
Unlike offshore workers (who work remotely) or freelance/gig workers (who typically work on short-term projects), an H-1B worker can relocate, work full-time, and use company-provided resources securely.
Relevant Ethical Reference in Technology:
Workforce Ethics & Economic Empowerment -- Ethical hiring ensures fair job opportunities while addressing labor shortages.
H-1B Program Regulations (U.S. Immigration Laws) -- Allows companies to fill specialized roles with foreign workers when local talent is unavailable.
Deontological Ethics (Fair Hiring Practices) -- Companies have an ethical obligation to recruit based on skills and business needs.
Corporate Social Responsibility (CSR) & Diversity Hiring -- Welcoming international talent fosters inclusivity and economic growth.
Thus, the correct answer is A. H-1B, as it allows the company to hire specialized foreign workers when local candidates are unavailable.
A publicly-traded organization listed on the New York Stock Exchange has been flagged for possible accounting malpractices. An auditor discovers that the company used funds to disguise payments to international officials. The auditor also finds that the system of internal control does not adequately maintain books and records that reflect all business transactions.
Which law did the organization potentially violate?
Answer : C
The Foreign Corrupt Practices Act (FCPA) prohibits U.S. companies from bribing foreign officials and requires accurate financial records.
Why FCPA Applies?
The company disguised payments to international officials, which violates the FCPA's anti-bribery provisions.
The lack of internal controls to maintain proper records also violates FCPA accounting rules.
The accounting provisions apply to issuers, meaning companies with securities registered under the Securities Exchange Act, which includes those listed on the New York Stock Exchange.
Why Not the Other Options?
A . Committee on Foreign Investment in the United States -- An interagency committee that reviews foreign acquisitions of U.S. businesses for national security risk; it is not a statute and does not address bribery or record-keeping.
B . Foreign Intelligence Surveillance Act -- Covers electronic surveillance and national security, not corporate misconduct.
D . Electronic Communications Privacy Act -- Protects electronic communications from unauthorized access, unrelated to accounting fraud.
Thus, the correct answer is C. Foreign Corrupt Practices Act (FCPA) as it governs anti-bribery and financial reporting.
Reference in Ethics in Technology:
Foreign Corrupt Practices Act (FCPA), 15 U.S.C. 78dd-1, et seq.