Basics of Information Security PT 1
Information security's goals are sometimes described by the letters "CIA". Which of the following is a correct definition of C, I, or A?
All of the above (Confidentiality, Integrity, Availability)
Fines and jail time for information security failures are
Generally, only applied for serious, deliberate misuse, where someone intentionally accesses data in order to do harm or for personal gain
Security measures are sometimes described as a combination of physical, technical, and administrative (PTA) safeguards. Which of these would be considered a technical safeguard?
Measures including device data encryption, anti-malware software, and communications encryption.
Which of these is not generally a good practice for fax machine use?
Sensitive faxes -- inbound or outbound -- are left sitting in or around the machine
Which of the following is a correct statement about the balance among prevention, detection, and response (PDR)?
The greater the sensitivity and quantity of the data at issue, the more carefully the balance among these three must be evaluated.
Which of these is not a good practice for physical security?
To preserve good customer relations, visitors are generally allowed access to all areas of a facility unless it appears they are doing something suspicious
Which of these is generally not a good practice with respect to oral communications in organizations like healthcare facilities?
Use of full names in public areas or on intercom/paging systems, because there is no security issue with identifying persons in public areas and using full names helps avoid misidentification
Which of these is not generally a good practice for telephone use?
Using voicemail systems and answering machines that do not require a password or PIN for access