Secondary Logo

Journal Logo

CE Connection

Cybersecurity matters

Nursing Management (Springhouse): February 2018 - Volume 49 - Issue 2 - p 1
doi: 10.1097/01.NUMA.0000530432.50911.a0
  • Free

GENERAL PURPOSE: To provide an overview of cybersecurity and good cyber hygiene for healthcare providers. LEARNING OBJECTIVES/OUTCOMES: After completing this continuing-education activity, you should be able to: 1. Identify security threats to an organization's IT systems. 2. Distinguish protective decisions that will positively influence an organization's security.

  1. End users can have the greatest impact on improving the security posture of an organization by
    1. powering down computers when not in use.
    2. not sharing e-mail addresses publicly.
    3. practicing good cyber hygiene.
  2. As described in the article, the top security threat for many healthcare organizations is
    1. malware viruses.
    2. its end users.
    3. malicious hackers.
  3. The author states that security problems most often arise when good security takes a backseat to
    1. convenience.
    2. disinterest.
    3. insubordination.
  4. Which of the following is the safest location to store passwords?
    1. on a sticky note under a keyboard
    2. in a secure electronic document
    3. on a piece of paper in a locked drawer
  5. When creating passwords for multiple accounts, the best strategy is to
    1. use the default passwords.
    2. create several variations of one password.
    3. use different, arbitrary combinations for each.
  6. The strongest passwords include
    1. words with integrated numbers and symbols.
    2. sequential strokes on a keyboard that don't form words.
    3. arbitrary combinations of letters, numbers, and symbols.
  7. Social media postings can pose a threat to cybersecurity because
    1. clients can view employees' personal business.
    2. answers to password reset security questions can be found.
    3. the public can view the organization's employee lists.
  8. An organization's website may be “scraped” to derive a customized wordlist that enables a cyber-attacker to
    1. directly access client information.
    2. guess or crack end users' passwords.
    3. block employees' access.
  9. Before downloading software/tools from the Internet, it's very important to always first
    1. reset system passwords.
    2. install any browser upgrades.
    3. check with the IT department.
  10. The most immediate risk involved with clicking on an unexpected or unusual link or attachment in an e-mail is that it may
    1. download a malware infection.
    2. communicate the user's e-mail address to phishing websites.
    3. make one's presence known to cyber-attackers.
  11. In the absence of any immediate cyber-attack threat, the best time for end users to install available system updates is
    1. as soon as possible.
    2. during normally slow electronic traffic times.
    3. during an IT system audit.
  12. When publishing a paper or giving a presentation with personally identifiable information and/or protected health information, one should be sure to
    1. share it only with professionals within the organization.
    2. ensure blacked out information can't be reconstituted.
    3. obtain signed permission to use identifying information.
  13. Good cyber hygiene includes
    1. leaving your computer system unlocked while you aren't in the room.
    2. clearing your web browser's cache.
    3. choosing your own online service to back up work-related data.
  14. Which of the following statements about security breaches is accurate?
    1. All cyber-attacks can be prevented.
    2. Small breaches don't constitute significant threats to the organization.
    3. Accessing legitimate websites can sometimes lead to malware infection.
  15. A user who suspects his or her organizational account has been compromised should
    1. notify a supervisor and the IT department immediately.
    2. document subsequent events before notifying the IT department.
    3. try to determine the source of the breach, then call the IT department.
  16. What can employees do to help enable an organization to assess a potential breach, prioritize the incident, determine the root cause, and remediate and/or resolve the situation?
    1. Document the Who? What? Where? When? and Why?
    2. Send a list of usernames and passwords to the IT department.
    3. Compile a list of all websites recently visited.
  17. If it becomes absolutely necessary to access a restricted resource or system, the end user should
    1. access it from a home or personal computer.
    2. communicate with the IT department about what needs to be done.
    3. configure a secure workaround of the institutional process.
  18. The mantra offered by the author is “protect the data, protect
    1. your job.”
    2. our organization.”
    3. the patient.”
Wolters Kluwer Health, Inc. All rights reserved.