General Security Principles
Data PHI-PII
Malware
Compliance
Social Engineering
100

The information assurance concept in which multiple layers of security controls are placed throughout an information technology system.

What is Defense in Depth

100

These are the 3 primary security principles

What are Confidentiality, Integrity, Availability

100

A self replicating program that reproduces its code by attaching copies into other executable applications

What is a Virus

100

This law is part of ARRA in 2009 and directly impacts HealthCare industry and mandates HIPAA compliance

What is HITECH Act

100

A human attack involving manipulating a person or a group of people into providing sensitive information.

What is Social Engineering

200

An emulation of a computer system, providing security features like isolation from your host operating system, quick recoveries using snapshots, and the ability to test suspicious softwares and files.

What is a Virtual Machine

200

This type of data is protected by HIPAA regulation

What is PHI

200

This virus is named after a story in Greek Mythology

What is a Trojan

200

In 1996 this healthcare regulation was passed

What is HIPAA

200

It is not 'outside' of possibilities that this threat poses the highest risk to an organization

Who are Insiders or Employees

300

There are 7 layers in this networking model

What is The OSI Model

300

This government organization is responsible for enforcing HIPAA regulations

Department of Health and Human Services or Office of Civil Rights

300

A software designed to harm or secretly access a computer system without the owner's consent

What is Malware

300

Information in a medical record that can be used to identify an individual, and that was created, used, or disclosed in the course of providing a health care service, such as a diagnosis or treatment.

What is PHI

300

A cyber attack where someone simply looks over the shoulder of a user and gathers credentials, sensitive data etc.

What is Shoulder Surfing

400

Isolating business data and processes away from personal processing on a mobile device is a construct known as this

What is Sandboxing

400

These small files located on your computer are used to collect data during visits to web sites

What are Cookies

400

This malware locks you out of your own system resources and demands on online payment to release them back.

What is Ransomware

400

Security assessment designed to check policies and procedures within an organization

What is a Security Audit

400

A cyber attack where an attacker waits next to an entry door to a secured location. An authorized user opens the door and the attacker follows them inside.

What is Piggybacking

500

The initial analysis and response to an incident based on information known when an incident is first reported is known as this

What is Triage

500

Any information that can be used to trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records.

What is PII

500

A self replicating malware that uses a computer network to send copies of itself to other computers without human intervention

What is a Worm

500

The email contact at Vituity if you have a compliance concern.

What is Compliance@vituity.com?

500

The group you should contact if you've fallen prey to a social engineering attack

Who is the Service Desk