Exam Tips Flashcards
(25 cards)
What is the CCPA?
California consumer privacy act
What is the ISO 27701?
Data privacy controls
What is the GDPR?
General data protection regulations
Privacy EU, multinational overseas data roles.
What does the data owner do?
Access and sharing policy
What does the data custodian do?
Stores, manages, backing up and encrypting data
What does the data controller do?
Writes policy on data handling and processing data.
What does the data processor do?
Processes data according to the data controllers policies.
What does the Data privacy officer do?
Ensures data compliance
What is L2TP/IPsec VPN?
Home to work tunnel
What is L2TP/IPsec site to site vpn?
Point to point, always on
What is CASB?
Cloud access security broker
Maintains visibility and security over cloud devices
WHAT IS FDE and what are critical to its implementation?
Full disk encryption
Key escrow
TPM (TRUSTED PLATFORM MODULE)
What is a WAF? What can it protect against?
Web application firewall
Buffer overflows
What does a DLP do?
Monitors, detects, and prevents the unauthorized transfer of sensitive data.
Private vs confidential?
Private is for an individual
Congidentialnis for a group
What should you do if you need to upgrade an IoT?
Segment it from the network and then upgrade.
What control is an acceptable use policy?
Preventative.
What to do when a network device does not meet new encryption standards?
Decommission
What control is used when a firewall allows connections from only specific internal ip addresses?
Compensating control
How to monitor attack strategies?
Honeypot, isolated from production server.
What is a host based firewall?
Set up to individual computers and hosts to monitor internal traffic.
What security protocol secure communications over ip network
Ipsec
What is social engineering?
Manipulating an individual to give out classified info.
Phishing is sent to everyone.
