Domain 2 Flashcards
Data lifecycle
Create
Store
Use
Share
Archive
Destroy
Government Data Classification
Top Secret (class 3)
Secret (class 2)
Confidential (class 1)
Unclassified (class 0)
Non-government (public) data classification
Confidential/Proprietary (class 3)
Private (class 2)
Sensitive (class 1)
Public (class 0)
Data Security Controls
Marking, labeling, handling, classification
Data handling
Data destruction
Record retention
Tape backup security
Erasing
A data destruction method where a delete operation against a file, files, or media is performed. Data is typically recoverable.
Clearing (overwriting)
A data destruction method that prepares media for reuse and ensures data cannot be recovered using traditional recovery tools.
Purging
A data destruction method that is a more intense form of clearing and prepares media for reuse in less secure environments.
Degaussing
A data destruction method that creates a strong magnetic field that erases data on some media.
Destruction
A data destruction method that is the final stage in the lifecycle of media and is the most secure method of sanitizing media.
Security Control Baseline
Provides a listing of controls that an organization can apply as a baseline.
Data protection
Confidentiality is often protected through encryption (at rest and in transit).
Asset classification
Asset classification should match the data classification.
Sensitive Data
Any information that isn’t public or unclassified. Examples: personally identifiable information (PII), protected health information (PHI).
Data Owner
Usually a member of senior management. Can delegate some day-to-day duties. Cannot delegate total responsibility.
Data Custodian
Usually someone in the IT department. Does not decide what controls are needed but does implement controls for the data owner.