Week 1 Flashcards
(14 cards)
Mechanisms put in place to restrict access to confidential info (e.g. username/password)
Access Control or Authentication/Authorization
Access control refers to the policies and mechanisms that restrict access to information based on user identity and roles.
Separating data into categories based on sensitivity
Data classification
Data classification helps organizations manage and protect data according to its sensitivity level.
Guidelines on data storage, sharing, transmission, disposal
Data Handling Policy
A data handling policy outlines how data should be managed throughout its lifecycle to ensure security and compliance.
Transforming data into a secure and unreadable format using algorithms and keys
Encryption
Encryption is a critical process for protecting sensitive data from unauthorized access.
Who can access and what can be accessed
Access Control or A&A
A&A stands for Authentication and Authorization, which are essential for maintaining data security.
Techniques to ensure that data inputs are accurate, consistent, and conform to predefined rules
Data validation
Data validation prevents malicious data from entering the system by enforcing rules on data integrity.
Data integrity can be verified using checksums or hashing algorithms. Any alteration of the data will result in a different checksum or hash, indicating a potential integrity breach.
Cryptography
Cryptography provides mechanisms to verify data integrity and protect data from unauthorized alterations.
Data transmitted over networks should be encrypted and secured to prevent unauthorized modifications during transit. Data in Transit vs Data at Rest
Secure Communication
Secure communication practices help protect data while it is being transmitted across networks.
To ensure data is preserved for the appropriate duration and securely destroyed when no longer needed
Data Retention Policies
Data retention policies define how long data should be kept and the methods for secure disposal.
Version control systems track changes made to files and documents, allowing organizations to revert to previous versions if data integrity is compromised
Version Control
Version control is essential for maintaining the integrity of data and managing changes over time.
Distributes network traffic across multiple servers to prevent overloading any single server, ensuring that services remain available and responsive, even during high traffic periods
Load Balancing
Load balancing enhances availability and performance by distributing workloads evenly.
To minimize single points of failure in their IT infrastructure. This involves duplicating critical components, such as servers, network connections, or power supplies, so that if one fails, another can take over seamlessly
Redundancy
Redundancy is a key strategy for ensuring system resilience and availability.
Ensure business continuity in case of catastrophic events or system failures. This includes offsite backups, data replication, and strategies for quickly restoring services
Failover/Disaster Recovery
Disaster recovery plans are crucial for maintaining operations after unexpected disruptions.
Establish ______ with service providers or cloud providers to ensure that critical services meet predefined availability standards.
Service Level Agreements (SLAs)
SLAs define the expected service levels and responsibilities of service providers.