Domain 3: Enterprise Information Systems Flashcards
Examples of technical security controls at the network level
Firewalls
IDPS (intrusion detection and prevention systems)
NAC (network access control)
VPN (virtual private networks)
DLP (data leakage protection)
When do the public media and the Secretary of HHS need to be notified about a breach?
If > 500 records are breached
45 CFR 164.308 (a)(1) stipulates that entities
Conduct or review a security risk analysis per 45 CFR 164.308 (a)(1) and implement security updates as necessary and correct identified security deficiencies as part of its risk management process
Formula for # of connections required using point-to-point interfaces?
N*(N-1)/2
What does Hick-Hyman Law state?
User response time (RT) is a function of # of possible responses
What does Fitts's Law state?
Time it takes to track to an object with a cursor is a function of distance traveled (D) and width of the target (W)
Risk of maintaining a software product is transferred from the institution to the vendor by means of a?
Service Level Agreement (SLA)
What does Application Service Provider (ASP) model refer to?
Business that provides computer services over the internet. Benefit of ASP model is that heavy computing is performed off-site by vendor so investment in data center is not needed.
What is Norman’s Theory of Action?
Human Information Processing theory. Separates each mental activity cycle into seven inter-related stages
- Forming the target
- Forming the intention
- Specifying an action
- Executing the action
- Perceiving the state of the world
- Interpreting the state of the world
- Evaluating the outcome
What are external representations?
Example of external cognition, which is using external elements to help us make decisions. Use of the external element must change the cognitive task in some way.
Examples: use of pen and paper to help with complex math; use of hand-drawn sketches to assist with brainstorming; graphical visualization of lab results to understand trends.
What is distributed cognition?
Cognitive model focused on multiple people in a “cognitive system” collaborating to accomplish a shared goal.
Examples: crew working together to operate a ship; team of healthcare providers working together to care for a patient.
3 categories of cognitive theories
- Human Information Processing
- External Cognition
- Distributed Cognition
Difference between Application Service Provider (ASP) and Software as a Service (SaaS)?
In ASP model, user is given access to virtual or physical computer
In SaaS model, user access is provided via web-based application that connects with vendor’s central database via API. Instead of running 1000 instances of app, vendor only needs to run one instance. Multitenancy is term used when multiple users share the same software instance.