and organizations? … Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them?
HIPAA.
In digital forensics, all investigations follow the same basic methodology.
Which act requires organizations that retain healthcare information to use Infosec mechanisms to protect this information as well as policies and procedures to maintain them?
HIPAA requires organizations that retain health care information to use information security mechanisms to protect this information, as well as policies and procedures to maintain them, and also requires a comprehensive assessment of the organization's information security systems, policies, and procedures.
Which law requires mandatory periodic training in computer security awareness and accepted computer security practice for all employees who are involved with the management, use, or operation of each federal computer system?
The Computer Security Act of 1987 requires federal agencies to “provide for the mandatory periodic training in computer security awareness and accepted computer practices of all employees who are involved with the management, use, or operation of each federal computer system within or under the supervision of that …
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications?
90-351; 6/19/68), also known as the “Wiretap Act”: prohibits the unauthorized, nonconsensual interception of “wire, oral, or electronic communications” by government agencies as well as private parties, establishes procedures for obtaining warrants to authorize wiretapping by government officials, and.
Which act is a collection of statutes that regulates the interception of wire, electronic, and oral communications Quizlet?
Which of the following is a collection of statutes that regulates the interception of wire, electronic, and oral communications?
The Sarbanes-Oxley (SOX) Act of 2002 was passed as a result of the Enron and WorldCom financial scandals.
Which law extends protection to intellectual property which includes words?
Copyright, a form of intellectual property law, protects original works of authorship including literary, dramatic, musical, and artistic works, such as poetry, novels, movies, songs, computer software, and architecture.
Which law addresses privacy and security concerns associated with the electronic transmission of protected health information (PHI)?
-addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.
What is awareness and training NIST?
Awareness is defined in NIST Special Publication 800-16 as follows: “Awareness is not training. The purpose of awareness presentations is simply to focus attention on security. …”
What is the meaning of security awareness?
Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical, and especially informational, assets of that organization.
What are the overriding benefits of education, training, and awareness?
Describe the overriding benefits of education, training, and awareness. Answer: The benefits of awareness, training, and education include improving employees' behavior as they become knowledgeable and aware of the different aspects of security.
What are the major exceptions to the wiretap statute?
There are two exceptions for “devices” that can be used without violating the Act: Telephones and related equipment that are used by a subscriber in the ordinary course of business, including “extension” telephones. The idea here is to allow employers to listen in on employee conversations with customers.
The Economic Espionage Act is the primary federal statute targeting unauthorized computer use, primarily focusing on unauthorized access and theft of information from computers.
Is the act of fraudulently using email to try to get the recipient to reveal personal data?
Phishing is a technique criminals use to fraudulently obtain private information. In most cases of phishing, the criminal (known as the phisher) will send an e-mail that appears to come from a legitimate source, such as your bank or credit card company.
Which of the following is a key advantage of the bottom-up approach?
The advantage of bottom-up planning is that the team members, i.e. the people who are actively working on the project, have a say in the project planning and decisions are made collaboratively. This will improve team communication and team building, and also empowers the team members.
Which type of planning is used to organize the ongoing day-to-day performance of tasks?
Operational Planning
This type of planning typically describes the day-to-day running of the company. Operational plans are often described as single use plans or ongoing plans. Single use plans are created for events and activities with a single occurrence (such as a single marketing campaign).
Is an act against an asset that could result in a loss?
– threat: a potential risk of an asset's loss of value. … a potential weakness in an asset or its defensive control(s).
– attack: an act against an asset that could result in a loss.