2.0 Data & Privacy Flashcards
(22 cards)
personally identifiable information (PII)
data that could reveal a person’s identity
threat actors
cybercriminals
identity fraud
The invention of fake personal information or the theft and misuse of an individual’s personal information.
algorithms
Operations that transform a plaintext into a ciphertext with cryptographic properties, also called a cipher. There are symmetric, asymmetric, and hash cipher types.
cookies
A text file used to store information about a user when they visit a website.
short message service (SMS)
System for sending text messages between cell phones.
encryption
Scrambling the characters used in a message so that the message can be seen but not understood or modified unless it can be deciphered. Encryption provides for a secure means of transmitting data and authenticating users. It is also used to store data securely. Encryption uses different types of algorithm/cipher and one or more keys. The size of the key is one factor in determining the strength of the encryption product.
End-to-end encryption
a method of secure communication that prevents third parties from reading your data while it’s transferred from one system or device to another.
File Transfer Protocol (FTP)
Application protocol used to transfer files between network hosts. Variants include:
S(ecure)FTP
FTP with SSL (FTPS and FTPES)
T(rivial)FTP
***FTP utilizes ports 20 and 21.
artificial intelligence (AI)
The science of creating machines with the ability to develop problem-solving and analysis strategies without significant human direction or intervention.
machine learning (ML)
A component of AI that enables a machine to develop strategies for solving a task given a labeled dataset where features have been manually identified but without further explicit instructions.
General Data Protection Regulation (GDPR)
Provisions and requirements protecting the personal data of European Union (EU) citizens. Transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations, such as the US’s Privacy Shield requirements.
CCPA (California Consumer Privacy Act)
The CCPA is a law that helps people living in California know:
WHAT personal information (PII) companies collect about them,
WHY they collect it.
WHO they share it with.
It lets people in California:
SEE their personal information.
ASK for it to be deleted.
SAY NO to having it sold.
Health Insurance Portability and Accountability Act (HIPAA)
US federal law that protects the storage, reading, modification, and transmission of personal healthcare data.
Encryption
Scrambling the characters used in a message so that the message can be seen but not understood or modified unless it can be deciphered. Encryption provides for a secure means of transmitting data and authenticating users. It is also used to store data securely. Encryption uses different types of algorithm/cipher and one or more keys. The size of the key is one factor in determining the strength of the encryption product.
ciphertext
Data that has been enciphered and cannot be read without the cipher key.
plaintext
Unencrypted data that is meant to be encrypted before it is transmitted, or the result of decryption of encrypted data.
Data at rest
data is sitting still, saved somewhere such as on a computer or in the cloud.
Data in transit
data in motion, is when data is moving from one place to another over the Internet or a network.
HyperText Transfer Protocol Secure (HTTPS)
Application protocol used to provide web content to browsers. HTTP uses port 80. HTTPS(ecure) provides for encrypted transfers, using TLS and port 443.
virtual private network (VPN)
A secure tunnel created between two endpoints connected via an unsecure transport network (typically the Internet).
two-factor authentication (2FA)
Strong authentication mechanism that requires a user to submit two different types of credential, such as a fingerprint scan plus PIN. Often, the second credential is transmitted via a second trusted device or account. This is also referred to as 2-step verification.
