Chapter 2 ■ Asset Security (Domain 2) 35
- What encryption technology would be appropriate for HIPAA documents in transit?
A. BitLocker
B. DES
C. TLS
D. SSL- Lauren’s employer asks Lauren to classify patient X-ray data that has an internal patient
identifier associated with it but does not have any way to directly identify a patient. The
company’s data owner believes that exposure of the data could cause damage (but not
exceptional damage) to the organization. How should Lauren classify the data?
A. Public
B. Sensitive
C. Private
D. Confidential - What technology could Lauren’s employer implement to help prevent confidential data
from being emailed out of the organization?
A. DLP
B. IDS
C. A firewall
D. UDP - A U.S. government database contains Secret, Confidential, and Top Secret data. How
should it be classified?
A. Top S e c re t
B. Confidential
C. Secret
D. Mixed classification - What tool is used to prevent employees who leave from sharing proprietary information
with their new employers?
A. Encryption
B. NDA
C. Classification
D. Purging - What encryption algorithm is used by both BitLocker and Microsoft’s Encrypting
File System?
A. Blowfish
B. Serpent
C. AES
D. 3DES