Data Protection Flashcards

1
Q

Sensitive Data

A

Any information that can result in a loss of security or a loss of advantage to a company if accessed by an unauthorized person.

2
Q

Public Data

A

Has no impact on the company if released and is often posted in an open-source environment.

3
Q

Private Data

A

Contains data that should only be used within the organization.

4
Q

Confidential Data

A

Contains items such as trade secrets, intellectual property data, and source code that affect the business if disclosed.

5
Q

Critical

A

Contains valuable information

6
Q

What are the government classifications?

A

Unclassified
Sensitive but Unclassified
Confidential (serious effect)
Secret (serious damage)
Top Secret

7
Q

Data Owner

A

Senior executive role that has the responsibility for maintaining the confidentiality, integrity, and availability (CIA) of the asset.

8
Q

Data Controller

A

Entity that holds responsibility for deciding the purposes and methods of data storage, collection, and usage, and for guaranteeing the legality of processes.

9
Q

Data Processor

A

A group of individuals hired by the data controller to help with tasks like collecting, storing, or analyzing data.

10
Q

Data steward

A

Focused on the quality of the data and the associated metadata

11
Q

Data Custodian

A

Responsible for handling the management of the system on which the data assets are stored

12
Q

Privacy Officer

A

Role that is responsible for the oversight of any kind of privacy-related data like PHI, PII, or SPI

13
Q

How to Protect Data at Rest

A

Full disk encryption (FDE)
Partition Encryption
File Encryption
Volume encryption
Database encryption
Record encryption

14
Q

How to Protect Data in Motion

A

Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
Virtual Private Network (VPN)
Internet Protocol Security (IPSec)

15
Q

Data Sovereignty

A

Refers to the concept that digital information is subject to the laws of the country in which it is located.
The principle is that information is subject to the laws of the nation where it is collected or processed.

16
Q

What options are there for securing data?

A

Geographical Restrictions (Geofencing) - Virtual boundaries to restrict access based on location.

Encryption - Transforms readable data into ciphertext using an algorithm and encryption key.

Hashing - Converts data into a fixed-size string of numeric or alphanumeric characters, known as a hash value. Used for sensitive data, like passwords.

Masking - Involves replacing some or all of the data in a field with a placeholder such as “X” to conceal the original content.

Tokenization - Replaces sensitive data with non-sensitive substitutes, known as tokens.

Obfuscation - Involves making data unclear or unintelligible, making it difficult for unauthorized users to understand.

Segmentation - Involves dividing a network into separate segments, each with its own security controls.

Permission Restrictions - Involves defining who has access to specific data and what they can do with it.
