HCISPP DOMAIN 3 PRIVACY AND SECURITY IN HEALTHCARE EXAM QUESTIONS AND ANSWERS
CIA triad - CORRECT ANSWER✅✅✅Confidentiality
Integrity
Availability
Confidentiality Purpose - CORRECT ANSWER✅✅✅limit information access
to only those who are authorized
prevent access to anyone else
Confidentiality requires - CORRECT ANSWER✅✅✅Security Controls that must be
deployed to ensure protected
information is not disclosed to
unauthorized parties
PIPEDA - CORRECT ANSWER✅✅✅Personal Information Protection and
Electronic Documents Act
Canada
Integrity Purpose - CORRECT ANSWER✅✅✅provide assurance that data quality
remains whole, unaltered and
uncorrupted
Authentication integrity means what? - CORRECT ANSWER✅✅✅sender is validated
not impersonated
Non-repudiation - CORRECT ANSWER✅✅✅sender cannot deny they sent the message
Digital signatures and hashes do what? - CORRECT ANSWER✅✅✅ensure that it has arrived intact
and unaltered
Digital signatures and hashes negative? - CORRECT ANSWER✅✅✅do not protect data from being viewed
Name 3 Controls that can be used for Integrity - CORRECT ANSWER✅✅✅digital signature
hashing
virus anti spyware software
Availability Purpose - CORRECT ANSWER✅✅✅uninterrupted system and data access
Methods to aid in continuous system availability - CORRECT ANSWER✅✅✅RAID - Redundant Array of Independent Disk
Facility Recovery Methods
hot site, warm site or cold site alternative
Access Control helps do what? - CORRECT ANSWER✅✅✅protects confidentiality of data
What administrative controls help access control? - CORRECT ANSWER✅✅✅policies
What technical controls help access control? - CORRECT ANSWER✅✅✅access control list
authentication software
What physical controls help access control? - CORRECT ANSWER✅✅✅card readers
cipher locks
biometric scanner
Access Control involves 4 main phases or mechanisms - CORRECT ANSWER✅✅✅Identification
Authentication
Authorization
Accountability
Identification involves what? - CORRECT ANSWER✅✅✅subject presents unique identifier
checked against an internal list
Authentication - CORRECT ANSWER✅✅✅subjects is identity
Authentication can be validated by? - CORRECT ANSWER✅✅✅something the subject knows
something the subject has
something the subject is
Accountability for access control involves what? - CORRECT ANSWER✅✅✅actions are logged
attribute to a single authenticated