CITI Clinical Operations (IPS): Basics of
Information Security, Part 2
Which of the following is generally allowed in most organizations? - Answer-Social networking if done
for approved business-related purposes.
Which of these is not a good security practice for portable devices? - Answer-Disabling any remote-
locate, remote-shutdown, and remote-erase capabilities because these can accidentally erase data.
Which of these is not a good security practice for email? - Answer-Sending sensitive information in email
messages or in attachments to such messages, as long as a legally-binding confidentiality notice is
included.
Which of these is not a good practice for controlling computer access? - Answer-Logging into systems
with a shared user-ID or password.
Which of these is not a good security practice for web browsing? - Answer-Browsing to sites using links
sent in emails without taking steps to assure the destination is safe.
Information Security, Part 2
Which of the following is generally allowed in most organizations? - Answer-Social networking if done
for approved business-related purposes.
Which of these is not a good security practice for portable devices? - Answer-Disabling any remote-
locate, remote-shutdown, and remote-erase capabilities because these can accidentally erase data.
Which of these is not a good security practice for email? - Answer-Sending sensitive information in email
messages or in attachments to such messages, as long as a legally-binding confidentiality notice is
included.
Which of these is not a good practice for controlling computer access? - Answer-Logging into systems
with a shared user-ID or password.
Which of these is not a good security practice for web browsing? - Answer-Browsing to sites using links
sent in emails without taking steps to assure the destination is safe.
