Module 7 Quiz

What series of Special Publications does the National Institute of Standards and Technology (NIST) produce that covers information systems security activities?

800

Which organization created a standard version of the widely used C programming language in 1989?

American National Standards Institute (ANSI)

Joe is the CEO of a company that handles medical billing for several regional hospital systems. How would Joe's company be classified under the Health Insurance Portability and Accountability Act (HIPAA)?

Business associate of a covered entity

Which of the following agencies is NOT involved in the Gramm-Leach-Bliley Act (GLBA) oversight process?

Federal Communications Commission (FCC)

What federal agency is charged with the mission of promoting "U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life?"

National Institute of Standards and Technology (NIST)

What type of publication is the primary working product of the Internet Engineering Task Force (IETF)?

Request for comment (RFC)

t/f The Federal Trade Commission (FTC) Safeguards Rule requires a financial institution to create a written information security program that must state how the institution collects and uses customer data.

True

Which element is NOT a core component of the ISO 27002 standard?

cryptography

t/f The Family Educational Rights and Privacy Act (FERPA) requires that specific information security controls be implemented to protect student records.

false

Under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, what type of safeguards must be implemented by all covered entities, regardless of the circumstances?

standard