Dominio 2

Question 1

Definition of HITRUST?

Answer 1

Health Information Trust Alliance

Question 2

Definition of ISF?

Answer 2

Information Security Forum Framework

Question 3

Definition of CSF?

Answer 3

Common Security Framework

Question 4

What is ISF all about?

Answer 4

Founded in 1989. Independent, not-for-profit association of global organizations dedicated to investigating, clarifying cybersecurity.
It has a framawork.

Question 5

Definition of ITIL?

Answer 5

Information Technology Infrastructure Library

Question 6

5 tiers/pilars/functions of NIST Cybersecurity Framework (CSF)

Answer 6

Identify, Protect, Detect, Respond, Recover.

Question 7

5 parts of a control lifecycle management?

Answer 7

Select, validate, catalog, implement, monitor.

Question 8

COSO DEFENSE-IN-DEPTH MODEL (4)

Answer 8

Deterrent, Preventative, Detective, Corrective

Question 9

What is NIST Special Publication (SP) 800-26 all about?

Answer 9

Guide for Information Security Program Assessments

Question 10

NIST Special Publication (SP) 800-26 describe 3 classes of security control types:

Answer 10

Management, Operational, Technical

Question 11

NIST introduced the concept of baseline control (assist organizations in making the appropriate selection of security controls)

Answer 11

High-Impact Baseline, Moderate Impact Baseline, Low-Impact Baseline

Question 12

What contains NIST SP 800-53?

Answer 12

catalog of information security controls

Question 13

Two approaches of audits

Answer 13

Compliance-based auditing (CBA) and Risk-based auditing (RBA)

Question 14

The three main healthcare IS control guidance documents can be found in which three standards?

Answer 14

HIPAA, HITECH, and HITRUST