Table of Contents

Course Learning Objectives

Introduction to the Course

Chapter 1 - Introduction to Cybercrime

Chapter Learning Objectives

Introduction

The Nature of Cybercrime

Computer Viruses

Denial-of-Service Attacks

Installing Malware

Phishing

Summary

Chapter 1 Review Questions

Chapter 2 - Laws & Regulations Safeguarding Taxpayer Data

Chapter Learning Objectives

Introduction

The Gramm-Leach-Bliley Financial Modernization Act

FTC Standards for Safeguarding Customer Information Rule

FTC Privacy of Consumer Financial Information Rule

The Contents of the Privacy Notice

Sarbanes-Oxley Act of 2002

Penalties for Unauthorized Disclosure or Use of Taxpayer Information

Code of Federal Regulations §301.7216.1

Internal Revenue Code §6713

Internal Revenue Procedure 2007-40

Summary

Chapter 2 Review Questions

Chapter 3 - The Costs of a Data Breach

Chapter Learning Objectives

Introduction

Data Breach

Causes of Data Breach

Cybercrime Costs

IBM-Ponemon Study

Customer Loss

Number of Records Stolen or Compromised

Time Required to Identify and Contain a Data Breach

Cause of the Data Breach

Remediation and Other Costs Following Identification of Breach

Probability of Experiencing a Data Breach

Summary

Chapter 3 Review Questions

Chapter 4 - The Information Security Plan

Chapter Learning Objectives

Introduction

Ensuring Data Security

Where to Begin: Determining Responsibility

Identifying the Risks and Their Impact

Writing an Information Security Plan

Securing the Physical Facility

Personnel Security

Information and Computer Systems Security

Media Security

Summary

Chapter 4 Review Questions

Chapter 5 - Best Practices for Securing Data

Chapter Learning Objectives

Introduction

Recommended Practices

Employee Management

Employee Training

Policies and Procedures

Maintaining Information System Security

Information Storage

Customer Data Transmission

Disposal of Customer Information

Summary

Chapter 5 Review Questions

Chapter 6 - When a Data Breach Occurs

Chapter Learning Objectives

Introduction

When a Data Breach Occurs

Secure the Firm’s Operations

Remove Improperly Posted Information from the Web

Interview

Fix Vulnerabilities

Thinking about Service Providers

Checking the Firm’s Network Segmentation

Working with Forensics Experts

The Firm’s Communications Plan

Notify Appropriate Parties

Notify Law Enforcement

Notify Affected Businesses

Notify Individuals

Model Letter

Summary

Chapter 6 Review Questions

Answers to Review Questions

Chapter 1 Review Questions Feedback

Chapter 2 Review Questions Feedback

Chapter 3 Review Questions Feedback

Chapter 4 Review Questions Feedback

Chapter 5 Review Questions Feedback

Chapter 6 Review Questions Feedback

Appendix I

Appendix II

Glossary

CPE Exam Answer Sheet

Final Examination

CPASelfstudy.com Course Evaluation