1. A Trojan is _______________.
  1. HIPAA requires patient notification when there has been a data breach, unless _______________.
  1. You should always keep your office’s data backups onsite, so you won’t lose track of them.
  1. What is the primary risk associated with daisy-chaining (using the same password to secure different accounts)?
  1. What is the most common sign that a computer network has been compromised?
  1. What steps should be taken to safeguard the information on a smartphone or other mobile device in case it’s stolen?
  1. Which one is NOT a mistake that could lead to the inadvertent disclosure of PHI?
  1. Pentesting is _______________.
  1. The HIPAA Privacy and Security Rule requirements apply to dental offices directly, but not to outside vendors, consultants or subcontractors.
  1. BEC scam is also referred to as _______________.
  1. An endpoint is _______________.
  1. An attacker can steal electronic data from a printer or photocopier.
  1. Which attack focuses on tricking victims into sending out wire transfers to scammers?
  1. Operating system hardening relates to the removal of unnecessary software, accounts and functions from computers and servers.
  1. What is an advantage to using a password manager?
  1. What is the most effective method of data disposal?
  1. An in-person attempt by a hacker to effectively talk or trick his or her way inside your office is called _______________.
  1. What steps should you take with regard to an employee’s network access when he or she stops working at your office (regardless of reason)?
  1. The “Cloud” is simply someone else’s computer accessed via the Internet.
  1. When should an office prepare incident response and disaster recovery plans?
  1. Which one of these is the strongest password?
  1. What is two-factor authentication?
  1. A factory reset is designed to update all of the software on a mobile device.
  1. What is smishing?
  1. HHS presumes that a successful ransomware attack is a data breach.
  1. Why is an attacker compromising an account with administrative privileges especially dangerous to a network?
  1. What is the Principle of Least Privilege?