Data Classification

Question 1

Who is the data owner ?

Answer 1

The data owner is the organisation that has collected or created the data. Normally assigned to an individual such as a department head. In the cloud the cloud customer is the data owner.

Question 2

What duties does a data custodian perofrm ?

Answer 2

The data custodian is entrusted by the data owner to secure the data as well as daily administration and maintenance of the data.

Question 3

What is the role of the data processor ?

Answer 3

The data processor is anybody who manipulates, copies, prints or destroys the data on behalf of the data owner

Question 4

Who is ultimately responsible for data ?

Answer 4

Data owner

Question 5

Does the data processor always have to have a direct link to the data owner ?

Answer 5

No

Question 6

What are the stages of the data lifecycle ?

Answer 6

Create, Store, Use, Share, Archive, Destroy

Question 7

What are the ways data can be categorised?

Answer 7

Functional Unit
Business Unit

Project
Regulatory

Question 8

Who classifies the data and when is it done ?

Answer 8

Data Owner in create phase

Question 9

What is data labelling ?

Answer 9

Labelling data from a security perspective makes sense by readily indicating the nature of certain information and how it should be handled and protected.

Common Labels are

Date of Creation
Date of scheduled destruction
Confidentiality
Handling directions
Dissemination
Source
Jurisdiction
Applicable Regulation

Question 10

What is Data Discovery

Answer 10

Data Discovery relates to several techniques that an organisation utilizes to get a handle on its data architecture for either an investigation or creating an initial inventory.

Question 11

What are the three main types of data discovery ?

Answer 11

Labels, Content and Metadata

Question 12

Name four ways to categorise data ?

Answer 12

Regulatory, Business Function, Functional Unit, Project

Question 13

Name three ways to classify data ?

Answer 13

Sensitivity, Jurisdiction, Criticality

Question 14

Give examples of some common data labels ?

Answer 14

Date of Creation
Date of Destruction
Confidentiality Level
Handling Directions
Disesemination
Access Limitation
Source
Jurisdiction
Applicable Regulation

Question 15

Name five data discovery methods ?

Answer 15

Label, Metadata, Content, Structure, Analytics

Question 16

What are the jurisdictional requirements of Asia ?

Answer 16

Data privacy differs greatly between countries - Japan adheres to EU model as does Singapore China on the other had demands that all IT traffic and communications be accessible to the Chineses Government.

Question 17

What are the jurisdictional requirements of South and Central America ?

Answer 17

Most countries lack privacy protection frameworks except Argentina which has Personal Data Protection Act

Question 18

What are the jurisdictional requirements of Australia and New Zealand ?

Answer 18

Strong Privacy and Protection that maps to EU GDPR

Question 19

What are the jurisdictional requirements of Europe ?

Answer 19

Strong Personal Privacy info protection covered by GDPR

Question 20

What are the jurisdictional requirements of Usa ?

Answer 20

There is no singular, overarching federal privacy statute instead it tends to be industry led (HIPAA, GLBA) or contractual obligations such as PCI.

Question 21

What is copyright ?

Answer 21

The protection for the legal expression of ideas is copyright. It does not cover specific words, slogans, recipes or formulae.

The duration of copyright vary based on the terms under which they were created depending on if an individual created the work themselves or if the work was created under contract. Typically copyright lasts either for 70 years after the authors death or 120 after the first publication of work created under contract.

Copyright gives the creator

Perform the work publicly
Profit from the work
Make copies
Make derivative copies
Import or Expor
Broadcast
Sell or otherwise assign the rights.

Copyright infingement is usually dealt with as a civil case.

Normally it is the creator who owns the copyright but in some US states its the person who first registers it.

Question 22

What are trademarks ?

Answer 22

Applied to specific words and graphics - they are representation of organisation and its brand

US Patent and Trademark Office registers them (USPTO) - r or tm symbol

Infringement is actionable and lasts in perpetuity

Question 23

What are Patents

Answer 23

Protects invention, materials etc - Typically last for 20 years from the time of patent application

World Intellectual Property Office (WIPO) global

Question 24

What are trade secrets ?

Answer 24

food formulaes, commercial methods or aggregations of information. Trade Secrets must be kept secret to have protection lasts in perpetuity but if competitor discovers the secret they are not liable.

Question 25

What is a IRM rudimentary check ?

Answer 25

The content itself can automatically check for proper usage or ownership. For instance pausing in operation until some information that could only have been acquired with purchase of a licensed copy.

Question 26

What is a IRM local reference check ?

Answer 26

User installs a reference tool that checks the protected content against the users license.

Question 27

What is a IRM online reference check ?

Answer 27

The information is entered such as a key which is checked by the system online at a later date.

Question 28

What is a IRM prescence of licensed media chack ?

Answer 28

Some IRM systems require the presence of licensed media as content is being used.

Question 29

What is a IRM support based check ?

Answer 29

Some IRM solutions need proof of support for content

Question 30

What are the main features of IRM ?

Answer 30

Persistens Protection Dynamic Policy Control Automatic Expiration Continuous Auditing Replication Restrictions Remote Rights Revocation

Question 31

What are data retention formats ?

Answer 31

The policy should contain a description of how the data is actually archived what type of media it is stored on and any handling specifications particular to that data - for example some data may need to be encrypted.

Question 32

What are archiving and retrieval procedures ?

Answer 32

Having data in storage can serve a business continuity and disaster recovery backups and can be determined for business intelligence purposes.

Question 33

What is a retention period ?

Answer 33

Length of time that the organisation should keep data - normally for long term storage which can be mandated or modified by contractual or regulatory agreements.

Question 34

What is legal hold ?

Answer 34

Legal Hold severely affects retention and destruction policies because it supersedes them - mandating the suspension of deletion activities until the reason for the legal hold is solved.

Question 35

What is the issue with log review analysis ?

Answer 35

Organisations lack resources for dedicated analyst Log Review is mundan and repetitive Log review requires both experienced and inexperienced operatives Reviewer needs to understand operation to distinguish between authorised and non authorised activity

Question 36

What is De Gaussing ?

Answer 36

Use of magnets to erase data - does not work with solid state drives

Question 37

What is crypto shredding

Answer 37

Encrypting data with strong keys - then encrypt the keys with a second algorithm and then destroying keys of second round of encryption.

Question 38

What is overwriting

Answer 38

Multiple passes of random characters with a final pass of zeroes and ones - again not appropriate for solid state

Question 39

What does a traditional delete do ?

Answer 39

Hardware can never be sanitised by just deletion which dosent delete data but just removes logical pointers to that data.