Goals
To demonstrate fundamental understanding of security compliance regulations.
Objectives
After completing this exercise, you should be able to:
- Distinguish various industry and government security compliance regulations.
- Discuss the role that the Incident Handler plays in supporting compliance with a security standard or standards.
Matching
Match each regulation with the correct requirements.
| 1. | HIPPA | A | Mandates that financial institutions maintain safeguards to protect customer information. |
| 2. | Sarbanes-Oxley | B | Outlines security requirements for all companies which transmit credit card data. |
| 3. | GLBA | C | Safeguards the confidentiality of health records during storage and transmission of those records. |
| 4. | PCI DSS | D | A recommended set of standards put for by the U.S government. |
| 5. | ISO 27001 | E | Students and parents must be notified before directory information is disclosed or published. |
| 6. | NIST | F | Regulates firms providing IT products and services to the U.S. government. |
| 7. | FERPA | G | Specifies a standard for information security management |
| H | Electronic communication must be backed up and secured. |