For the Mentcare system, suggest an example of an asset, an exposure, a vulnerability, an attack, a threat and a control, in addition to those discussed in this chapter.
What will be an ideal response?
Asset
Local database stored on nurses laptop or clinic PC
Exposure
Moderate. Loss of consultation records. Clinical
consequences possible if
Vulnerability
Nurse or doctor leave consultation with patient but leave
themselves logged into system
Attack
Patient accesses unattended system
Threat
Patient deletes or corrupts patient records held in local database.
Control
Log all actions and support ‘undo’ of log actions. Require
password to open individual patient records.
There are obviously many possible other examples here. Note that the attack, etc.
need not be an attack on the identified asset (the question is a more general one)
You might also like to view...
________ is an industry consortium dedicated to the promotion and adoption of SDN through open standard development.
A) ONF B) ITU-T C) ODCA D) ETSI
Which operator concatenates two strings?
A. = B. =+ C. + D. ==
Widgets that are created by third-party developers are known as
a. internal applications. b. moderated applications. c. profile applications. d. external applications.
A maximum of two formatting changes can be made to each element of any chart
Indicate whether the statement is true or false