Domain 1: Security and Risk Management Flashcards Preview

Flashcards in Domain 1: Security and Risk Management Deck (11):
1

What is the EU Data Protection Directive?

The EU Data Protection Directive allows for the free flow of information while still maintaining consistent protections of each member nation's citizen data.

2

Does the EU Data Protection Directive allow individuals to opt in or opt out of sharing their personal data with third parties?

It allows individuals to opt out of sharing their personal data with third parties.

3

Does the EU Data Protection Directive allow individuals to opt in or opt out of sharing their most sensitive personal data?

It requires individuals to opt in to sharing their most sensitive personal data.

4

What does OECD stand for?

The Organization of Economic Cooperation and Development.

5

Who is in the OECD?

It consists of 30 member nations from around the world. Prominent European countries, the US, Mexico, Australia, Japan, and the Czech Republic are some of the members.

6

What does the OECD do?

It provides a forum for member countries to focus on issues that impact the global economy. The OECD will routinely issue consensus recommendations that can serve as an impetus to change current policy and legislation in the OECD member countries and beyond.

7

What is the Use Limitation Principle?

It is one of the eight driving principles of the OECD, which states that personal data should never be disclosed without the consent of the individual or as the result of a legal requirement.

8

What is the Security Safeguards Principle?

It is one of the eight driving principles of the OECD, which states that personal data should be reasonably protected against unauthorized use, disclosure, and alteration.

9

What is the Openness Principle?

It is one of the eight driving principles of the OECD, which states that the general policy concerning collection and use of personal data should be readily available.

10

Name the eight driving principles of the OECD.

Collection Limitation Principle.
Data Quality Principle.
Purpose Specification Principle.
Use Limitation Principle.
Security Safeguards Principle.
Openness Principle.
Individual Participation Principle.
Accountability Principle.

11

What is the EU-US Safe Harbor framework?

It is a solution to satisfy the requirement of the EU Data Protection Directive, which states that personal data cannot be transmitted to countries outside of the EU unless the country is perceived to adequately protect their data. The US is perceived to have less stringent privacy protections. This framework gives US-based organizations the benefit of authorized data sharing if they voluntarily consent to the data privacy principles that are consistent with the EU Data Protection Directive.