HCISPP Free Practice Test

Which one of the following is NOT a fundamental component of a Regulatory Security Policy?

1. A. What is to be done.
2. B. When it is to be done.
3. C. Who is to do it.
4. D. Why is it to be done

Correct Answer: C
Regulatory Security policies are mandated to the organization but it up to them to implement it. "Regulatory - This policy is written to ensure that the organization is following standards set by a specific industry and is regulated by law. The policy type is detailed in nature and specific to a type of industry. This is used in financial institutions, health care facilities, and public utilities."

Administrative Safeguards on Security Awareness related to electronic Protected Health Information (PHI) and Log-in Monitoring includes all, EXCEPT:

1. A. Review the system's login reports at regular intervals
2. B. Prohibit the sharing of passwords among any employees, paid or unpaid
3. C. Limit the number of attempts a computer user can make at a log-in attempt
4. D. Use of software that locks the user out of the system after a certain number of unsuccessful log-in attempts are made

Correct Answer: B
The least appropriate answer is to prohibit the sharing of passwords among any employees, paid or unpaid.

_______ includes highly qualified pracitioners availble as consultants when needed.

1. A. Active
2. B. Honorary
3. C. Consulting

Correct Answer: C

Place in order, from BEST (1) to WORST (4), the following methods to reduce the risk of data remanence on magnetic media.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

Who founded the Pennsylvania Hospital?

1. A. Edward Jenner
2. B. Flemming
3. C. Ben Franklin

Correct Answer: C