Chapter 5 - Privacy Operational Lifecycle - Protect Flashcards

1
Q

What are the 7 foundational principles of PbD (Privacy by Design)?

A
  1. Proactive, not reactive
  2. Privacy as the default
  3. Privacy embedded into design
  4. Full functionality - positive-sum, not zero-sum
  5. End-to-end security
  6. Visibility and transparency
  7. Respect for user privacy
2
Q

What is data protection by design and default?

A

This is the GDPR standard under Article 25 and Recital 78. It is similar to PbD.

3
Q

What does Data Protection by Design and Default mandate?

A

Taking into account the state of the art, organisations should implement appropriate technical and organisational measures in order to implement the data protection principles. This could include pseudonymisation, transparency, enabling data subjects to monitor processing, etc.

4
Q

What are the GDPR principles?

A

  1. Lawfulness, fairness and transparency
  2. Purpose limitation
  3. Data minimisation
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidentiality
  7. Accountability

Mnemonic: LPD ASIA

5
Q

What are the aims of information security practices?

A

To ensure information is kept with confidentiality, integrity and availability (CIA).

6
Q

What are the InfoSec risks listed by Security Boulevard?

A
  1. Cloud-based threats
  2. Insider threats
  3. Endpoint threats
  4. Deepfakes
  5. Living-off-the-land attacks
  6. Ransomware
  7. Phishing
  8. Malvertising
  9. Social media attacks
  10. IoT
7
Q

What are the categories of InfoSec controls?

A
  1. Preventative
  2. Detective
  3. Corrective

And

  1. Physical
  2. Administrative
  3. Technical
8
Q

What are the key InfoSec control measures?

A
  1. Policies
  2. Organisational structure
  3. Asset management
  4. Access control
  5. Cryptography
  6. Physical security and controls
  7. Operational security
  8. Systems acquisition and maintenance
  9. Communications security
  10. Supplier relationships
  11. Compliance program
9
Q

What are 3 key differences between data privacy and Information Security?

A
  1. InfoSec is mostly concerned with confidential information, whereas data privacy is concerned with PII even if it is public (e.g. the phone booth)
  2. Data privacy carries a wider set of responsibilities beyond security alone
  3. At times InfoSec tools can become overly invasive and limit privacy
10
Q

What are the basic principles for RBAC (role-based access control)?

A
  1. Segregation of duties
  2. Least privilege
  3. Need-to-know access
11
Q

What are the principles behind user access management?

A
  1. Unique IDs (no group emails)
  2. Credentials for ID (e.g. 2FA)
  3. Access tied to role
  4. Formal process for granting and removing
  5. Password management
  6. User account review
  7. User responsibility
  8. Good security practice
  9. Clean desk policy
12
Q

What 4 areas do technical controls that implement privacy measures fall into?

A
  1. Obfuscation
  2. Minimisation
  3. Security
  4. PETs (privacy-enhancing technologies)