Reliable and timely access to data and resources is provided to authorized individuals
What is Availability?
This plan is maintained by the IT staff and includes detailed instructions on how to manage and restore IT systems in the case of an emergency
What is the Information Systems Contingency Plan / ISCP? (also acceptable: Disaster Recovery Plan / DRP) This is different from the CEMP, which is a facility-maintained plan for managing healthcare services in a disaster.
These include descriptions, test plans, back-out plans, and approvals and cannot be modified once closed.
What is a change request? These are required for all enterprise-level software modifications.
A company that delivers cloud services is called
Cloud Service Provider (CSP)
This is the practice of maintaining separate networks and security policies for FDA-regulated medical computers and non-medical computers
What is Medical Device Isolation Architecture (MDIA)?
Accuracy and reliability of the information and systems are provided and any unauthorized modification is prevented
What is Integrity?
An event that has the potential to do harm.
What is an incident?
SADLC conducts these monthly in order to identify vulnerabilities, such as unauthorized software installed, missing patches, and configuration errors
What are scans?
Services that are available anytime a client wants or needs them are called
What are On-demand services?
These agreements must be in place between the facility and all external parties with direct connections to the official network.
What are Memoranda of Understanding (MOUs)?
Necessary level of secrecy is enforced, and unauthorized disclosure is prevented
What is Confidentiality?
Incident that results in disclosure or potential disclosure of data.
What is a breach?
A piece of software that is installed to fix problems in another piece of software
What is a patch?
Which type of deployment is a mixture of a public and a private cloud?
What is Hybrid Cloud?
By blocking unknown or untrusted websites, implementing firewalls, "whitelisting" known friendly connections, reviewing authorized computer-to-computer connections, scanning outgoing email, and encrypting all network traffic, IT is mitigating this common security issue
What is data leakage or exfiltration?
These are the elements of multi-factor authentication
What are "something you are, something you have, and something you know?"
The first step that individuals responsible for the development of a Business Continuity Plan (BCP) should perform.
What is BCP team selection?
Is an interpreted language that does not make use of a compiler to transform code into an executable state.
What is JavaScript?
Which document specifies the CSP's responsibility to provide a certain amount of availability, resources, and standards by which the resources should be protected?
What is Service Level Agreement (SLA)?
It's performed by sending malformed packets to a system; can interrupt service or completely deny legitimate users of system resources.
What is a Denial of Service (DoS) attack?
These must be encrypted before they are taken off site for storage.
What are backups?
Steps to be followed when creating a Business Continuity Plan (BCP).
What are business impact analysis, recovery, organization, and training?
Is a popular vulnerability scanner managed by Tenable Network Security, and it combines multiple techniques to detect a wide range of vulnerabilities.
What is Nessus?
Which cloud model is a form of cloud computing that provides virtualized computing resources, such as storage, over the internet?
What is Software as a service (SaaS)?
It is the first layer in the Open Source Interconnection (OSI) 7 layer model.
What is Physical structure layer?