Chapter 5 Flashcards
Any data that isn’t public or unclassified
Sensitive Data
information that can identify an individual
PII
any health-related information that can be related to a specific person
PHI
data that helps an organization maintain a competitive edge
i.e. software code, trade secrets, intellectual property
Proprietary Data
disclosure would cause exceptionally grave damage to national security
top secret
disclosure would cause serious damage to national security
secret
disclosure would cause damage to national security
confidential
NGO classification for exceptionally grave damage
Confidential/Proprietary
NGO classification for serious damage
Private
NGO classification for damage
Sensitive
NGO classification for no damage
Public
data stored on media
Data at Rest
What kind of encryption protects data at rest?
Strong, symmetric encryption
data transmitted over a network
data in transit
what kind of encryption protects data in transit?
a combination of symmetric and asymmetric encryption
data in memory or temporary storage buffers
Data in Use
what kind of encryption protects data in use?
usually unencrypted (o.o)
sometimes homomorphic encryption
what is the best way to protect confidentiality of data?
strong encryption paired with strong authentication and authorization controls.
person filling this role ensures that the organization is conducting all business activities by following the laws and regulations that apply to the organization
compliance officer
Security administrators use the _____ defined in the security policy to identify security ______.
requirements
security controls
DLP
Data Loss Prevention
event in which an unauthorized entity can view or access sensitive data
data breach
ongoing efforts to organize and care for data throughout its lifetime
data maintenance
What does this describe?
One network processes unclassified data only. Another network processes classified data only. The two networks never physically touch each other.
Air Gap - a physical security control
How can data be transferred between air gapped networks?
Manually
USB
unidirectional network bridge (data can only move from unclass to class network)
technical guard solution - combo of hardware and software that requires data to be appropriately marked
systems that attempt to detect and block data exfiltration attempts
can scan unencrypted data and look for keywords or patterns
DLP
two primary types of DLP
Network and Endpoint
which type of DLP looks at data leaving an organization on an edge device?
Network
which type of DLP can detect users copying data to a USB or sending to a printer?
Endpoint
what is a risk of logging/storing data?
Losing the data or data breaches. Only store what is necessary for business purposes or what is required by law/regulation. (limit data collection)
Where is the best practice location for backups?
One copy on site and another copy offsite.
physical security measures for sensitive data storage:
locks
multiple layers of physical security (guards, badged entry)
environmental controls
data that remains on media after it was supposedly erased
data remanence
If a user was working on a top secret file a moment ago and then creates a small unclassified file, the small file might contain top secret data pulled from memory.
what security control would prevent this?
Do not process classified data on unclass systems
what generates a heavy magnetic field, which realigns the magnetic fields in media such as traditional hard drives, magnetic tape, and floppy disk drives?
(uses magnets to completely remove data remanence)
degausser
what is the best method of sanitizing SSDs?
destruction - shred to 2 mm or less
performing a delete operation against media - usually only removes the directory link to the data.
erasing
preparing media for reuse and ensuring that the cleared data cannot be recovered
clearing/overwriting
3 steps of a common clearing protocol
- a character (110)
- its complement (001)
- random bits
intense form of clearing for reusing media in less secure environments - data is not recoverable using any known methods
purging
uses magnets to erase data on traditional media
degaussing
final stage in lifecycle of media and most secure method of sanitizing data
destruction
any process that purges media or a system in preparation for reuse in an unclassified environment
declassification
declassification vs destruction
purchasing new media is often less expensive than declassification methods, so most organizations opt to destroy media when it is no longer needed.
destroying the encryption key, or both encryption and decryption keys
cryptographic erasure - could possibly be decrypted so is often paired with a method to overwrite the data
what can organizations do to data stored in the cloud?
encryption erasure is often the only option
retaining and maintaining important information while it is needed and destroying it when it is no longer needed
record retention
solutions that provide copyright protection for copyrighted works
DRM (Digital rights management)
a license that grants access to a product with terms of use
DRM license
over the internet, system periodically connects with an authentication server, and if the connection or authentication fails, DRM blocks use of the product
Persistent Online Authentication (always-on DRM)
detects abuse, such as concurrent use of a product in two geographically different locations (Hulu, anyone?)
Continuous Audit Trail
products are sold on a subscription basis and access is blocked if monthly bill is not paid
Automatic Expiration
software placed logically between users and cloud-based resources that monitors all activity and enforces admin-defined security policies
Cloud Access Security Broker (CASB)
the use of IT resources without the approval of the IT department
Like Mr. Armstrong using Google Drive to ask us how we feel about each other.
Shadow IT
using pseudonyms to represent other PII data (can result in less stringent requirements that would apply under the GDPR)
i.e. using a patient number instead of a name on medical records
pseudonymization
use of a random string of characters to replace other data (often used with credit card transactions)
tokenization. the string is the token.
4 steps of tokenization
- Registration
- Usage
- Validation
- Completing the Sale
creating a token and recording it along with the encrypted credit card number, associated with a phone number
registration
processor sends token to tokenization vault, which answers with unencrypted credit card data and the charge is processed
validation
processor sends a reply to the POS system and credits the seller for purchase
completing the sale
If an attacker gets a token can they make purchases?
No. The transaction would fail because the token only works from the account associated with the token.
removing all PII data
Anonymization
swapping data in columns so that records no longer represent the actual data - aggregate data within each column is still usable for research
randomization
person who is ultimately responsible for data
identify classification and ensure it is properly labeled and protected
owner
the person who owns the asset or system that processes sensitive data
asset owner
which data role develops a system security plan in coordination with information owners, the system administrator, and functional end users
asset owner
which data role maintains the system security plan and ensures that the system is deployed and operated according to the agreed-upon security requirements
asset owner
which data role ensures that system users and support personnel receive appropriate security training, such as instruction on rules of behavior (or an AUP)
Asset owner
which data role is seen as a program manager or information system owner who is responsible for ensuring that systems provide value to an organization
business/mission owner
which method helps business owners and mission owners balance security control requirements with business or mission needs?
COBIT - Control Objectives for Information and Related Technology
the GDPR defines this role as “a natural or legal person, public authority, agency, or other body, which processes personal data solely on behalf of the data controller”
data processor
person or entity that controls the processing of the data - decides which data to process, why, and how
data controller
roles created to oversee the control of data and ensure the organization follows all relevant laws and regulations
this role is mandated by the GDPR
responsible for ensuring the organization applies the laws to protect individuals' private data
data privacy officer
this data role is responsible for day-to-day tasks
ensures proper storage and protection
typically personnel within an IT department or sysadmins
data custodian
anyone with elevated privileges related to data
data administrators
person who accesses data to accomplish work tasks
users
person who can be identified through an identifier within data
data subject
set of minimum security controls defined for an information system
security control baselines
four baselines from NIST SP 800-53B
Low-Impact Baseline
Moderate-Impact Baseline
High-Impact Baseline
Privacy Control Baseline
modifying a list of security controls within a baseline to align with the organization's mission
tailoring
reviewing a list of baseline security controls and selecting only those controls that apply
vigorously defends in writing any decision to omit a control from the baseline
scoping