Asset Security Flashcards
Sarbanes-Oxley Act (SOX)
Any publicly traded company on the US market - FINANCIAL SAFEGUARDS and ensures data integrity
Computer Fraud and Abuse Act (CFAA)
US Anti-hacking statute, most widely used law pertaining to computer crime and hacking.
Federal Privacy Act of 1974
How we gather data on US citizens and how to safeguard data
Personal Information Protection and Electronic Documents Act
Canadian law in the private sector to oversee collection, use, and disclosure of personal information in regular business activities. Applies if you plan on doing business with Canada.
USA Patriot Act
Allows agencies to use a single warrant from one federal judge to collect info from sources across the US
Gramm-Leach-Bliley Act of 1999 (GLBA)
Requirement for Financial Institutions to give their customers the right to keep financial companies from sharing info with nonaffiliated parties.
Federal Information Security Management Act (FISMA)
US Fed Govt Act, requires fed agencies to safeguard PII and information systems
United States Department of Commerce Safe Harbor Privacy Principles
FTC and DoT business with US and EU framework - safeguard/handling of customer data. ONLY applies to
Asia Pacific Economic Cooperation (APEC) Privacy Framework
Focuses on results/harm that the disclosure of info could have on business, rather than individual rights.
What encryption method does IPsec use to ensure the confidentiality of data in transit?
Encapsulating Security Payload (ESP) - protocol that uses IPsec to encrypt data. Operates in Tunnel Mode and Transport Mode.
Relationship between TLS and SSL?
TLS is a new and improved version of SSL. However, NONE of them should be used due to known vulnerabilities