Domain 2 Flashcards

1
Q

Definition of HITRUST?

A

Health Information Trust Alliance

2
Q

Definition of ISF?

A

Information Security Forum Framework

3
Q

Definition of CSF?

A

Common Security Framework

4
Q

What is ISF all about?

A

Founded in 1989. Independent, not-for-profit association of global organizations dedicated to investigating and clarifying cybersecurity.
It has a framework.

5
Q

Definition of ITIL?

A

Information Technology Infrastructure Library

6
Q

5 tiers/pillars/functions of NIST Cybersecurity Framework (CSF)

A

Identify, Protect, Detect, Respond, Recover.

7
Q

5 parts of control lifecycle management?

A

Select, validate, catalog, implement, monitor.

8
Q

COSO DEFENSE-IN-DEPTH MODEL (4)

A

Deterrent, Preventative, Detective, Corrective

9
Q

What is NIST Special Publication (SP) 800-26 all about?

A

Guide for Information Security Program Assessments

10
Q

NIST Special Publication (SP) 800-26 describes 3 classes of security control types:

A

Management, Operational, Technical

11
Q

NIST introduced the concept of baseline control (assist organizations in making the appropriate selection of security controls)

A

High-Impact Baseline, Moderate Impact Baseline, Low-Impact Baseline

12
Q

What does NIST SP 800-53 contain?

A

Catalog of information security controls

13
Q

Two approaches of audits

A

Compliance-based auditing (CBA) and Risk-based auditing (RBA)

14
Q

The three main healthcare IS control guidance documents can be found in which three standards?

A

HIPAA, HITECH, and HITRUST
