Exam 26: Data Breaches

Which of the following is a direct cost of handling a data breach?

Which of the following regulatory laws requires data protection for health care institutions?

________ are software or procedures used to prevent an information security attack.

Personally identifiable information includes a person's bank account numbers, personal identification numbers, email address, and social security numbers.

The first step in protecting oneself from data breaches is ________.

According to the reports in Ponemon's 2014 Cost of Data Breach Study, organizations are more likely to lose larger amounts of data than smaller amounts of data.

Performing a walkthrough should be done as part of a business continuity planning session.

What are countermeasures? Why is it important for organizations to implement countermeasures?

Organizations can implement countermeasures that make data breaches impossible to occur.

Venclave Hospital is a privately-owned organization that specializes in treating neurological diseases.Which of the following regulatory laws governs the data security measures to be taken by this hospital for protecting against data breach?

The Federal Information Security Management Act (FISMA)details the procedures to be followed by a federal agency in case an organization fails to ensure the minimum security requirements for its data and systems.

It is easy for organizations to prepare a list of countermeasures against many different types of attacks and take appropriate measures accordingly.

Talgedco Inc., a software company, has taken several steps to secure its systems and data.The company has also installed a network intrusion detection system and data loss prevention system.Employees of this company have also been trained on the procedures to be followed to reduce the probability of a data breach.These steps taken by Talgedco are an example of ________.

Stolen credit card information is validated through a process called carding.

Executives, managers, and all systems personnel of an organization discuss the actions to be taken by each employee in case a data breach occurs.They identify areas that would need immediate attention and assign specific responsibilities to each employee.The employees of the organization are performing a(n)________.

Attack vectors refer to the ways hackers attack a target.

Jobs Dot Com, an online recruitment site, was hacked into, and personal information of a number of users was stolen.What information should Jobs Dot Com include in its data breach notification to its users?

The ________ is a regulatory law that requires security precautions for government agencies.

Data breach notifications should state that the existing security policies and procedures are inadequate and that changes are being made to prevent similar breaches in the future.

Spear phishing is used by organizations to monitor traffic passing through their internal network.