CISSP Domain 2: Asset Security Flashcards

1
Q

Remanence

A

Residual data that remains on storage media after noninvasive attempts to remove it (deleting, reformatting). Until the media is cleared, purged or physically destroyed, that data can be recovered with ordinary recovery tools.

2
Q

Reference Monitor

A

The abstract machine that mediates every access between subjects and objects. To be trustworthy it must be always invoked (complete mediation), tamperproof and small enough to be verified; the security kernel is its implementation.

3
Q

Scoping

A

The process of determining which portions of a standard/baseline will be employed by an organization

4
Q

SSD

A

Solid State Drive: a combination of flash memory (a form of EEPROM) for storage and DRAM used as a cache. Because the controller wear-levels writes across cells and keeps spare blocks, a software overwrite cannot be relied on to reach old data on an SSD; use the drive's built-in sanitize/secure-erase command, cryptographic erase, or physical destruction.

5
Q

Labels

A

Objects carry labels (their classification). Subjects hold clearances.

Government: Top Secret, Secret, Confidential

Private Sector: Confidential, Internal Use Only, Public

A clearance is a subject's formal approval/authorization for information up to a specific level; at access time it is compared against the object's label.
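Both the Reference Monitor card and this Labels card describe the same mechanism: one choke point compares a subject's clearance with an object's label on every access. The following is an added example, not from the flashcards, that implements that comparison in Python. The level order, the compartment (need-to-know) sets, the no-write-down rule for writes (the Bell-LaPadula *-property, which the cards do not state) and the sample subjects/objects are all constructed assumptions.

```python
"""Toy reference monitor enforcing labels against clearances.

Added example, not from the flashcards. The level order, the compartment
(need-to-know) sets and the sample subjects/objects are constructed.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Tuple

# Hierarchical levels, lowest to highest (government scheme from the card,
# with UNCLASSIFIED added as the floor).
LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]


@dataclass(frozen=True)
class Label:
    """Sensitivity level plus need-to-know compartments, e.g. {"CRYPTO"}."""
    level: str
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self is at least as high as other AND covers all of its compartments."""
        return (LEVELS.index(self.level) >= LEVELS.index(other.level)
                and other.compartments <= self.compartments)


@dataclass
class ReferenceMonitor:
    """Single choke point: every subject/object access goes through check()."""
    clearances: Dict[str, Label]      # subject -> clearance
    labels: Dict[str, Label]          # object  -> classification label
    audit: List[Tuple[str, str, str, bool]] = field(default_factory=list)

    def check(self, subject: str, obj: str, op: str) -> bool:
        clearance = self.clearances.get(subject)
        label = self.labels.get(obj)
        if clearance is None or label is None:
            allowed = False                        # unknown subject/object: fail closed
        elif op == "read":
            allowed = clearance.dominates(label)   # no read up
        elif op == "write":
            allowed = label.dominates(clearance)   # no write down (assumed BLP *-property)
        else:
            allowed = False                        # unknown operation: fail closed
        self.audit.append((subject, obj, op, allowed))   # every decision is auditable
        return allowed


def build_demo_monitor() -> ReferenceMonitor:
    """Constructed sample: two subjects, three objects."""
    return ReferenceMonitor(
        clearances={
            "alice": Label("TOP SECRET", frozenset({"CRYPTO"})),
            "bob": Label("SECRET"),
        },
        labels={
            "keys.txt": Label("TOP SECRET", frozenset({"CRYPTO"})),
            "plan.docx": Label("SECRET"),
            "memo.txt": Label("CONFIDENTIAL"),
        },
    )


def run_demo() -> Dict[str, bool]:
    rm = build_demo_monitor()
    return {
        "alice reads keys.txt": rm.check("alice", "keys.txt", "read"),      # allowed
        "bob reads keys.txt": rm.check("bob", "keys.txt", "read"),          # denied: no read up
        "bob reads plan.docx": rm.check("bob", "plan.docx", "read"),        # allowed
        "bob writes memo.txt": rm.check("bob", "memo.txt", "write"),        # denied: no write down
        "bob writes keys.txt": rm.check("bob", "keys.txt", "write"),        # allowed: write up
        "mallory reads memo.txt": rm.check("mallory", "memo.txt", "read"),  # denied: unknown subject
    }


if __name__ == "__main__":
    for request, ok in run_demo().items():
        print(f"{request:26s} -> {'ALLOW' if ok else 'DENY'}")
```

Two things worth noticing: a subject with a higher clearance but without the object's compartment is still denied (need-to-know is enforced by the compartment subset test, not by the level alone), and nothing in Python stops a caller from reading `labels` directly, which is exactly why a real reference monitor has to be tamperproof and always invoked rather than a library function callers are asked to use.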

6
Q

Formal Access Approval

A
  • Documented
  • Access request approved by the Data Owner
  • Approves a subject's access to specific objects
  • Subjects must understand all rules and requirements for access before it is granted
  • Best practice is that all access requests and access approvals are auditable
7
Q

Data Classification

A

Confidential, Internal Use, Public

  • Defines sensitive information
  • Data Handling Requirements
  • Data storage requirements
  • Data Retention requirements
8
Q

Data Owner

A
  • Person responsible for, or dependent upon, the business process associated with an information asset.
  • Knowledgeable about how the information is acquired, transmitted, stored, deleted, and otherwise processed.
  • Determines the appropriate value and classification of information generated by their business unit or department.
  • Must communicate the information classification when the information is released to others.
  • Controls access to their information and must be consulted when access is extended or modified.
  • Must communicate the information classification to the Data Custodian so that the custodian can apply the appropriate level of protection.
9
Q

Data Custodian

A

-Maintains the protection of data (backups, access controls, patching, monitoring) according to the classification assigned by the Data Owner; the custodian implements the controls but does not decide the classification

10
Q

Data User

A
  • Any person, organization or entity that interacts with data for the purpose of performing an authorized task.
  • Responsible for using data in a manner consistent with its intended purpose and in compliance with policy
11
Q

Data Controller

A

The entity (person or organization) that determines the purposes and means of processing personal data and carries primary accountability for how that data is handled (the GDPR definition); it decides what is collected, why, and who processes it

12
Q

Data Processors

A

Processes personal data on behalf of, and on the documented instructions of, a data controller (for example a cloud, payroll or analytics provider); the processor may not use the data for its own purposes

13
Q

Memory

Cache

A

-Cache: small, fast memory (SRAM) located close to the CPU
. Level 1 cache - on the CPU core itself; smallest and fastest
. Level 2 cache - on the CPU die or package, feeding L1; larger and slightly slower

14
Q

Memory

RAM
DRAM
SRAM

A

-RAM: Random Access Memory
. Volatile: contents are lost when power is removed (cells decay over seconds rather than instantly, which is what cold-boot attacks on encryption keys exploit)
. Modules installed in slots on the motherboard

-DRAM: Dynamic Random Access Memory
 . slower and cheaper
 . small capacitors store the bits
 . capacitors lose their charge and must be continuously
   refreshed

-SRAM: Static Random Access Memory
. Fast and expensive
. Latches called "flip-flops" store the bits (data)
. Does not require refreshing; used for CPU cache

15
Q

Memory

ROM
PROM
EPROM
EEPROM
PLD
A

ROM: (Read Only Memory) contents are fixed when the chip is manufactured (mask ROM); used to store firmware, configurations and small programs that rarely change

-PROM: (Programmable Read Only Memory)
. shipped blank by the manufacturer and written once by the user or integrator; cannot be erased afterwards

-EPROM: (Erasable Programmable Read Only Memory)
. erased by exposing the chip's quartz window to ultraviolet light, then reprogrammed electrically

-EEPROM: (Electrically Erasable Programmable Read Only Memory)
. erased and rewritten electrically, in place
. Flash memory is a form of EEPROM that erases in blocks; it is what SSDs, USB drives and modern firmware storage use, hence "flashing" firmware. Rewritable firmware storage is also why firmware can be tampered with and why signed/verified boot matters

PLD: (Programmable Logic Device) logic configured in the field, typically stored in EPROM, EEPROM or flash cells

16
Q

Data Destruction

Deleting
Overwriting
Clearing
Purging

A

-Deleting a file only removes its directory/allocation-table entry (the FAT entry on FAT file systems) and marks the blocks unallocated. The data is still on the media until those blocks are reused
-Reformatting (quick format) only writes a new, empty allocation table. The data is still there
Data Remanence: data remaining after attempted deletion or destruction

-Clearing (overwriting, shredding and wiping)
. process of preparing media for reuse in the same environment, ensuring the cleared data cannot be recovered using standard recovery tools
. overwrites the data itself, not just the allocation-table entry
. a secure overwrite covers every sector of the drive or media, including unallocated space and slack space
. one verified pass is enough on magnetic media as long as every sector is overwritten; on SSDs, wear levelling and spare blocks mean a software overwrite may never touch the old cells, so use the drive's built-in sanitize/secure-erase command or cryptographic erase instead

  • Purging
    . a more intense form of clearing that prepares media for reuse in a less secure environment (lower sensitivity, or a different owner). It provides assurance that the original data is not recoverable using any known method, laboratory techniques included. Degaussing magnetic media is a purging method (and leaves modern hard drives unusable).
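The deleting/reformatting/clearing sequence above, as an added example that is not part of the flashcards: a constructed in-memory block device with a FAT-style allocation table, and a raw scan standing in for a recovery tool. `ToyDisk`, its block size and the sample payroll file are all assumptions for illustration; the model deliberately does not include SSD wear levelling, which is exactly the case where the "one full pass" result below stops holding.

```python
"""Why deleting and reformatting leave data behind, and why a full overwrite does not.

Added example, not from the flashcards. ToyDisk is a constructed block device
with a FAT-style allocation table; it does not model SSD wear levelling.
"""
from typing import Dict, List

BLOCK_SIZE = 64


class ToyDisk:
    def __init__(self, blocks: int) -> None:
        self.blocks = blocks
        self.raw = bytearray(blocks * BLOCK_SIZE)   # the media itself
        self.free = [True] * blocks                  # allocation bitmap ("the FAT")
        self.directory: Dict[str, List[int]] = {}    # file name -> block chain
        self.sizes: Dict[str, int] = {}

    def write_file(self, name: str, data: bytes) -> None:
        need = -(-len(data) // BLOCK_SIZE)           # ceiling division
        chosen = [i for i, is_free in enumerate(self.free) if is_free][:need]
        if len(chosen) < need:
            raise OSError("disk full")
        for n, blk in enumerate(chosen):
            chunk = data[n * BLOCK_SIZE:(n + 1) * BLOCK_SIZE]
            start = blk * BLOCK_SIZE
            self.raw[start:start + len(chunk)] = chunk   # rest of the block is slack
            self.free[blk] = False
        self.directory[name] = chosen
        self.sizes[name] = len(data)

    def read_file(self, name: str) -> bytes:
        out = b"".join(bytes(self.raw[b * BLOCK_SIZE:(b + 1) * BLOCK_SIZE])
                       for b in self.directory[name])
        return out[:self.sizes[name]]

    def delete_file(self, name: str) -> None:
        """Ordinary delete: drop the entry, free the blocks, touch no data."""
        for blk in self.directory.pop(name):
            self.free[blk] = True
        del self.sizes[name]

    def quick_format(self) -> None:
        """Reformat: a new, empty allocation table; the data is untouched."""
        self.directory.clear()
        self.sizes.clear()
        self.free = [True] * self.blocks

    def carve(self, pattern: bytes) -> List[int]:
        """What a recovery tool does: scan the raw media, ignoring the table."""
        hits, pos = [], self.raw.find(pattern)
        while pos != -1:
            hits.append(pos)
            pos = self.raw.find(pattern, pos + 1)
        return hits

    def clear(self, fill: bytes = b"\x00") -> None:
        """Clearing: one full pass over every block, allocated or not."""
        self.raw[:] = (fill * (len(self.raw) // len(fill) + 1))[:len(self.raw)]
        self.quick_format()


def remanence_demo() -> Dict[str, int]:
    """Number of times a raw scan still finds the secret after each step."""
    disk = ToyDisk(16)
    # Constructed 104-byte file: four copies of the marker, spanning two blocks.
    disk.write_file("payroll.csv", b"SECRET: Q3 payroll export\n" * 4)
    disk.delete_file("payroll.csv")
    after_delete = len(disk.carve(b"SECRET"))        # all four copies still present
    disk.write_file("notes.txt", b"meeting notes")   # reuses block 0, overwrites 13 bytes
    after_reuse = len(disk.carve(b"SECRET"))         # three copies survive in slack/free space
    disk.quick_format()
    after_format = len(disk.carve(b"SECRET"))        # reformat changes nothing on the media
    disk.clear()
    after_clear = len(disk.carve(b"SECRET"))         # one full overwrite pass removes them
    return {"after_delete": after_delete, "after_reuse": after_reuse,
            "after_format": after_format, "after_clear": after_clear}


if __name__ == "__main__":
    for step, hits in remanence_demo().items():
        print(f"{step:13s}: {hits} copies recoverable")
```

The "after_reuse" step is the one worth remembering when scoping a wipe: writing new files over a deleted one only destroys the bytes the new file happens to occupy, so partial reuse of a drive is not clearing, and a clear has to cover the whole device rather than the currently allocated files.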
17
Q

Data Destruction

Physical

A
  • the most secure method of destroying data; used when media leaves the organization's control or cannot be purged reliably (SSDs, damaged drives)

- incineration, pulverization, shredding, disintegration, chemical (acid) destruction

18
Q

Certification

Accreditation

A

Certification: technical validation that a system meets a specified (owner-defined) set of security requirements.

Accreditation: management's formal acceptance of the certification results and of the residual risk, authorizing the system to operate.

19
Q

PCI-DSS

A

-applies to any entity that stores, processes or transmits payment card data; the controls are scoped to the Cardholder Data Environment (CDE), so segmenting the CDE from the rest of the network shrinks the assessment scope
-12 requirements grouped under 6 core principles (goals)
.build and maintain a secure network and systems
.protect cardholder data
.maintain a vulnerability management program
. implement strong access control measures
. regularly monitor and test networks
. maintain an information security policy

20
Q

OCTAVE

A

Operationally Critical Threat, Asset, and Vulnerability Evaluation

  • Risk management framework developed by Carnegie Mellon University's Software Engineering Institute (SEI); self-directed, so the organization's own staff run it

-3 phases for managing risk
. Phase 1- build asset-based threat profiles from staff knowledge of assets and threats (organizational view)
. Phase 2- identify infrastructure vulnerabilities and evaluate existing safeguards and
controls (technological view)
. Phase 3- risk analysis and development of the risk mitigation strategy and plans

21
Q

ISO 17799 and 27000 Series

A

-broad, flexible information security standard maintained by the International Organization for Standardization (ISO); ISO 17799 was renumbered ISO 27002 in 2007

  • derived from the British standard BS 7799.
    . ISO 27001 - Information security management system (ISMS) requirements; the standard an organization is certified against
    . ISO 27002 - code of practice for information security controls (the former ISO 17799)
    . ISO 27005 - information security risk management
    . ISO 27799 - health informatics; information security management in healthcare using ISO 27002
22
Q

COBIT

A

Control Objectives for Information and Related Technology; ISACA's IT governance framework

-4 Domains (COBIT 4.1; COBIT 5 and COBIT 2019 restructured these into five: EDM, APO, BAI, DSS, MEA)
 . Plan and Organize
 . Acquire and Implement
 . Deliver and Support
 . Monitor and Evaluate
23
Q

Tailoring

A

Modifying the list of security controls within a security standard/ baseline to align with the organization’s mission

24
Q

Proprietary Data

A

Proprietary data refers to any data that helps an organization maintain a competitive edge. It could be software code it developed, technical plans for products, internal processes, intellectual property, or trade secrets. If competitors can access the proprietary data, it can seriously affect the primary mission of an organization.

25
Q

Data Classification

A
  • identifies the value of the data to the organization and is critical to protect data confidentiality and integrity.
  • The policy identifies classification labels used within the organization.
  • It also identifies how data owners can determine the proper classification and how personnel should protect data based on its classification.
26
Q

Data Loss Prevention

A
  • systems that attempt to detect and block data exfiltration. They scan unencrypted data for keywords, classification markings and data patterns (card numbers, national ID numbers); encrypted or otherwise obfuscated content is invisible to them unless it is decrypted first (for example TLS inspection at the gateway), so DLP is paired with controls over encryption tools and endpoint agents
  • Network-Based DLP: scans outgoing traffic for specific data. Administrators place it at the edge of the network to inspect all data leaving the organization.
  • Endpoint-Based DLP: scans files stored on a system as well as files sent to external devices such as printers and removable media, and can block the copy rather than just report it.
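The content inspection that the Data Loss Prevention card describes, as an added example that is not part of the flashcards: a small outbound scanner that looks for the page's private-sector classification markings, a national ID pattern and card numbers, and uses the Luhn check digit to keep random digit runs from triggering a block. The patterns, the policy, the PAN masking and the five sample messages are constructed; real products add fingerprinting and exact-data matching on top of this.

```python
"""Content inspection of outbound messages, the way a network DLP engine does it.

Added example, not from the flashcards. The patterns, keywords, policy and the
sample messages are constructed; real products use far richer fingerprinting.
"""
import re
from typing import Dict, List

# Candidate primary account numbers: 13-19 digits, optionally separated by spaces/dashes.
PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
# Classification markings from the page's private-sector scheme.
LABEL_KEYWORDS = ("CONFIDENTIAL", "INTERNAL USE ONLY")


def luhn_ok(digits: str) -> bool:
    """Luhn check-digit test; filters random digit runs out of PAN matches."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        n = int(ch)
        if i % 2 == 1:                       # every second digit from the right
            n = n * 2 - 9 if n * 2 > 9 else n * 2
        total += n
    return total % 10 == 0


def mask_pan(digits: str) -> str:
    """PCI DSS style display: at most first six and last four digits in the clear."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def find_pans(text: str) -> List[str]:
    """Return masked PANs so the DLP log itself does not become cardholder data."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append(mask_pan(digits))
    return hits


def inspect_message(message: str) -> Dict[str, List[str]]:
    upper = message.upper()
    return {
        "pan": find_pans(message),
        "ssn": SSN_RE.findall(message),
        "label": [k for k in LABEL_KEYWORDS if k in upper],
    }


def decide(findings: Dict[str, List[str]]) -> str:
    """Constructed policy: regulated identifiers and marked data are blocked."""
    if findings["pan"] or findings["ssn"] or findings["label"]:
        return "block"
    return "allow"


# Constructed outbound traffic sample.
SAMPLE_MESSAGES = [
    "Invoice attached. Card on file: 4111 1111 1111 1111 exp 12/26",
    "Your order #1234567890123456 shipped today",           # 16 digits, fails Luhn
    "Internal Use Only: Q3 roadmap draft, do not forward",
    "-----BEGIN PGP MESSAGE-----\nhQEMA9zk4pL2Vx7YAQf+Kc3m\n-----END PGP MESSAGE-----",
    "HR: please update SSN 123-45-6789 in the payroll system",
]


def scan_outbound(messages: List[str]) -> List[str]:
    return [decide(inspect_message(m)) for m in messages]


if __name__ == "__main__":
    for msg, verdict in zip(SAMPLE_MESSAGES, scan_outbound(SAMPLE_MESSAGES)):
        print(f"{verdict:5s} {inspect_message(msg)}  <- {msg.splitlines()[0][:50]}")
```

The fourth message is the limitation the card states: the PGP blob carries whatever the sender put in it, but a content scanner sees no pattern and lets it through. The second message shows why the Luhn test is there; without it every long order or tracking number becomes a false positive and the block rule gets turned off.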