Asset Security

Question 1

how many financial loses are there in the CISSP material?

Answer 1

3

Question 2

What are the Asset Security controls?

Answer 2

1. Data Classification
2. labels
3. retention
4. ownership of data
   (page 81)

Question 3

What are the main mechanisms to protect high sensitive data (such as government or military)?

Answer 3

1. need to know
2. formal access approval
3. clearance
4. management of labels

Question 4

objects have _________?

a. ) clearance
b. ) labels

Answer 4

clearance

Question 5

what are the data classifications criteria used by most of the governments?

Answer 5

1. ) Top secret
2. ) Secret
3. ) Confidential

Question 6

what is sensitive but unclassified (SBU) labeling and an example on it?

Answer 6

this includes sensitive data which if leaked to public won’t cause national damage but still is sensitive. example, healthcare patients information.

Question 7

whats the difference between clearance and formal access approval?

Answer 7

clearance is a decision/determinations whether a subject can be trusted to access national security data (this decision is made after a thorough background check by an administrative judge.

formal access approval is a formal document/paper showing the approval given by the data owner to a subject to access an object, the subject must understand what he is accessing and what are the consequences should the data become lost, destroyed, or compromised.

Question 8

what is data remanence ?

Answer 8

it’s the data left on a magnetic storage device after using noninvasive ways to deleting the data.

Question 9

what is the fastest memory on the system?

1. RAM
2. ROM
3. Cache Memory
4. Register file

Answer 9

Cache memory is the fastest on the system

register file is the fastest portion of the CPU cache.

Question 10

what type of RAM does the Cache Memory use?

1. DDRAM?
2. RDRAM?
3. SRAM?
4. RAM?

Answer 10

SRAM (Static)

Question 11

what are the types of the Cache Memory?

Answer 11

1. Register file
2. Level 1
3. Level 2

Question 12

what is SSD garbage collection process?

Answer 12

it’s the process of taking care of unused and unerased blocks and erased in the background.

Question 13

what does the USB considered?

1. Firmware
2. RAM
3. Flash Drive
4. disk drive

Answer 13

it’s a flash drive and it’s not affected by simple magnetic fields like a magnetic disk (tape)

Question 14

what is the command used to improve the garbage collection process?

1. TMR
2. TRIM
3. ATA
4. EEPROM

Answer 14

TRIM is the command.

Question 15

what is a cold boot attack?

Answer 15

it’s an attack on the RAM, it boots using the OS saved on a USB for example and takes a copy of the RAM memory and dump it on the USB. The reason is that the RAM loses data after it reboots but still some data is kept as a remanence such as the encryption keys sometimes.

Question 16

what is degaussing?

Answer 16

it’s the process o using a strong magnet to destroy a tape or disk drive