Unit 8
Mei is downloading payment details from the portal of an insurance company when the portal crashes. She is unable to continue the download of records. Which part of the CIA triad has been compromised in this scenario?
Availability
The level of assurance that data will be available to people who need it, when they need it is referred to as ____.
Availability
Mei's medical office is looking for a system to manage the electronic health records of its patients and has published a request for proposals (RFP). Tom, Mei's brother, is managing a team at a large software producer that has decided to bid for the contract to provide a solution for the medical office. What could Mei and Tom do to avoid possible conflicts of interest? (Select all that apply.)
Both Tom and Mei should disclose the conflict of interest. Tom and Mei should not discuss details of the contract outside official channels. Mei should not disclose details of offers by any respondents to the RFP.
Which part of the CIA triad addresses rules that restrict access to only those who need to know?
Confidentiality
What does the acronym CIA stand for in cybersecurity?
Confidentiality, integrity, and availability
Mei gets the company's phone service invoice in the mail. The bill was supposed to be for $800, but the receptionist spilled water on it and smeared the ink. The bill now asks for $80. Which part of the CIA triad has been compromised in this scenario?
Integrity
Mei is buying equipment from an online retail site, and she finds that she is able to change the price of the equipment from $1,000 to $10. Which part of the CIA triad has been broken in this scenario?
Integrity
Which part of the CIA triad addresses the level of assurance that can be given as to how accurate and trustworthy data is?
Integrity
Reflect for a moment about ethics, then respond to the following question. As an IT professional in a situation that might compromise data security, which of the following is an advantage of having an explicit professional code of conduct?
It clarifies the recommended acceptable standards of behavior for a professional group consisting of a wide variety of people.
Which of the following would be a disadvantage of an ethical code of conduct? (Select all that apply.)
It may not apply to new issues. It has no legal impact. It is entirely voluntary.
The medical office treated A.J. three days ago. Today, the police are in Mei's office asking for A.J.'s medical records. What information can Mei release without a warrant? (Select all that apply.)
Mei should follow both HIPAA and state privacy protocols. Mei should follow the protocol advised by the medical council of her state.
The medical office is hiring a support specialist to assist Mei in managing the technology supporting business operations. Dozens of qualified candidates have applied, including the daughter of the office's receptionist, Mary. Mary and Mei are good friends outside of work. How could Mei stay objective in the selection of the new technical support specialist? What can she do to avoid pressure from her friend Mary? (Select all that apply.)
Mei should use the same selection criteria for all candidates. Mei should ask a colleague to sit in on the interview with Mary's daughter. Mei should not discuss the job with Mary. Mei should ask a colleague to interview Mary's daughter. Check My Answer
When you visit Mei's office's website, the site (like many other websites) has the capability of recording data, called cookies, on your computer indicating that you have visited that site. These cookies can then be used to identify return visitors and to record other previous activity so that future visits to the site can be handled more efficiently. The cookies on your computer also provide a record of the sites that you have visited. Should the website for Mei's office have the capability to record cookies on its patients' computers?
Yes, the cookies allow a web application to respond to the user as an individual.