Overview

In this lab, you implemented policies that map to the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI-DSS), and the Health Insurance Portability and Accountability Act (HIPAA). You ensured secure data access and encryption of a patient database. You backed up and restored patient data. You also ensured access controls on a point of sale (POS) system by adding distinct user accounts. You configured a host-based firewall to protect the cardholder information. Finally, you scanned the POS system for vulnerabilities to identify security risks.
Lab Assessment Questions & Answers
1. With what section of SOX would the IT professional deal the most, and why?
2. Under HIPAA, when is a health care provider required to notify all patients and the Department of Health and Human Services when a security breach is discovered?
3. Which database is more secure: the Java-based Apache Derby or MySQL?
4. Which types of businesses or entities are governed by HIPAA?

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual
5. According to the PCI Quick Reference Guide, who must comply with PCI-DSS standards?
6. What are the 11 titles of mandates and requirements for SOX compliance?
7. What purpose may COBIT serve to help comply with regulations such as Sarbanes-Oxley?
8. What is RDP? What port number does it use?