Chapter 11 - Security Operations Flashcards
What is the difference between ‘marking’ and ‘labelling’ with regard to data classification?
Marking is the digital classification of data
Labelling is a physical classification of data
In an organization, which one of the roles below specifies how data is classified and the requirements around each data classification?
Management
Data Owners
Data Custodian
Administrator
User
Management defines each data classification and what is required to protect each data classification.
Who is responsible for protecting data based on its classification, regularly monitoring the data and changing classifications if required?
Management
Data Owners
Data Custodian
Administrator
User
Data Owners
Data owners can delegate actions to whom?
Management
Data Owners
Data Custodian
Administrator
User
Data custodian
Who can grant/revoke access to data?
Management
Data Owners
Data Custodian
Administrator
User
Administrators
What are the three different states data can be in?
Data at rest
Data in transit
Data in use
What policy is required to categorize data based on its perceived value?
This policy will also outline methods of data protection.
Data Management Policy
What is data archiving?
Data archiving is the practice of backing up data.
What is data retention?
Data retention dictates how long to maintain archived data.
What is the degaussing process when removing data?
Degaussing is the use of a powerful magnet to remove data by magnetizing elements of the storage media.
What is HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) mandates the protection of health-related information in the US and protects it from being disclosed without the user’s consent.
What is the Sarbanes-Oxley (SOX) mandate?
SOX mandates the protection of data of publicly held companies.
SOX requires high-level officials to validate the financial data of their respective companies.
The aim of SOX is to prevent fraudulent activity.
What is GDPR?
GDPR is an EU regulatory requirement set out to protect the data of EU citizens.
GDPR prohibits the transfer of EU residents’ data outside of the EU.
The maximum fine under GDPR is 20 million euros or 4% of global turnover.
What are the three types of company assets?
Hardware
Software
Data
What is certification and accreditation?
Certification and Accreditation is used to test, evaluate and approve systems for their intended purposes.
When a system is certified, an accrediting body provides formal declaration/accreditation.
Certification and Accreditation should be independent of one another and done by separate entities.
What is involved in a typical asset lifecycle?
- Initiation - Identification of the need for an asset
- Development/Acquisition - The asset is developed or acquired
- Implementation/Installation - The asset is then deployed/configured for use
- Maintenance - The asset is maintained through this phase
- Destruction/Disposal - Removal of the system and sanitization of data
What is Data Definition Language (DDL)?
DDL consists of statements used to create database structures such as keys, relationships, etc.
What is Data Manipulation Language (DML)?
DML is used to query/view data stored within databases.
What is an Online Transaction Processing database (OLTP)?
Transactional data is first written to logs before changes are made to the back-end database.
This requires good data normalization and a standardised common information model.
What is an Online Analytical Processing database (OLAP)?
OLAP structures data within data warehouses into structured cubes for easier retrieval.
What is a data inference attack?
A data inference attack is the unauthorized access to classified information by a malicious threat actor.
What is a data diddling attack?
Data diddling is the modification of data prior to or during data entry into a database.
This is a fraud-type attack.