Security 2

Question 1

Name the 6 laws Name the 6 laws

Answer 1

1) Privacy Act (commonwealth) 1988
2) information privacy act (Vic) 2000
3) Health records act 2001
4) Victorian charter of human rights and responsibilities 2006
5) spam act 2003
6) copyright act 1968

Question 2

Name the three types of threats

Answer 2

Accidental, deliberate or event based threats

Question 3

Examples of accidental threats

Answer 3

• Incompetent employees
• “Misplaced” data
• Natural disasters
• User error
• Failure to maintain file-management procedures

Question 4

Examples of deliberate threats

Answer 4

• Viruses- Trojan horse
• Spyware
• Adware
• Spam
• Phishing
• Hacking
• Tampering with files
• Theft of hardware
• Disgruntled employees

Question 5

Examples of event based threats

Answer 5

• Power surge
• Hardware failure
• Operating system or software failure

Question 6

Examples of software security measures

Answer 6

• Usernames, login, and passwords
• Firewalls
• Encryption
• Antivirus software

Question 7

What is a disaster recovery plan?

Answer 7

It tells you what to do when a disaster strikes. It is a written plan/document that tells an organisation what steps are needed to restore the company operations in the event of a disaster.

Question 8

What are the stages of the DDRP?

Answer 8

• Emergency plan
• Backup plan
• Recovery plan
• Test plan

Question 9

Why do you need to make all of the plans?

Answer 9

To be prepared in the case of a scenario,
to test them all and
to know that they will work.

Question 10

Advantages of cloud computing

Answer 10

• Less effort is needed
• Save on energy bills
• Businesses require less storage hardware
• Decreases the amount of software licensing and software installation needed

Question 11

Disadvantages of cloud computing

Answer 11

• Security of the data is only as good as security in the plan
• Risk of losing internet connectivity
• You need a stable internet connection

Question 12

Things for evaluation criteria and the effectiveness of information management strategies

Answer 12

• Integrity of data
• Security
• Ease of retrieval
• Currency of issues

Question 13

Describe data integrity

Answer 13

refers to whether data is ‘trustworthy’

Question 14

Describe security

Answer 14

Is the data safe from unauthorised access or alteration?

Question 15

Describe easy of retrieval

Answer 15

• Files should be easy to retrieve and quickly found

Question 16

Describe currency of issues

Answer 16

• Regular backups will ensure that the most recent versions of files are available if needed

Question 17

What are security procedures

Answer 17

• Storage
• Backups
• Disposal
• Archiving

Question 18

Describe storage

Answer 18

File naming conventions, storing data in a correct manner.

Question 19

Describe archiving

Answer 19

Process of copying files to long-term storage, then deleting them from the first hard drive

Question 20

Describe disposal

Answer 20

Disposing of unwanted equipment. Need to archive or destruct of data first.

Question 21

Examples of personal information

Answer 21

Characteristics used to identify someone

• Name
• Address
• Age
• Gender

Question 22

Examples of sensitive information

Answer 22

Legally don’t have to answer

• Racial origin
• Political opinions
• Sexual preference
• Criminal record

Question 23

Examples of health information

Answer 23

• Medical history
• Current medical condition
• Dental records
• Donations of body parts

Question 24

Describe the privacy act (commonwealth).

Answer 24

• 1988
• It covers private organisations who earn more than $3 million per year
• It outlines the handling of the collection, use and disclosure, storage and disposal of personal information by both electronic and manual or conventional forms of data gathering.