CISSP Domain 2: Asset Security Flashcards
Remanence
Data that persists beyond noninvasive means to delete it
Reference Monitor
Mediates all access between subjects and objects.
Scoping
The process of determining which portions of a standard/baseline will be employed by an organization
SSD
Solid State Drive: a combination of flash memory (EEPROM) and DRAM
Labels
Objects have labels. Subjects have clearances
Government: Top secret, Secret, Confidential
Private Sector: Confidential, Internal Use Only, Public
Formal approval/authorization to specific levels of information.
Formal Access Approval
- Documented
- Access request approved by the Data Owner
- Approves subjects' access to certain objects
- Subjects must understand all rules and requirements for access
- Best practice is that all access requests and access approvals are auditable
Data Classification
Confidential, Internal Use, Public
- Defines sensitive information
- Data Handling Requirements
- Data storage requirements
- Data Retention requirements
Data Owner
- Person responsible for or dependent upon the business process associated with an information asset.
- Knowledgeable about how the information is acquired, transmitted, stored, deleted, and otherwise processed.
- Determines the appropriate value and classification of information generated by the business owner or department.
- Must communicate the information classification when the information is released to others
- Controls access to their information and must be consulted when access is extended or modified
- Must communicate the information classification to the Data Custodian so that they can provide the appropriate level of protection.
Data Custodian
- Maintains the protection of data according to the information classification associated with it by the Data Owner
Data User
- Any person, organization or entity that interacts with data for the purpose of performing an authorized task.
- Responsible for using data in a manner that is consistent with the purpose intended and in compliance with policy
Data Controller
Controls the processing of sensitive data within an organization
Data Processors
Processes data on behalf of data controllers
Memory
Cache
-Cache: fast and close to CPU
. Level 1 cache - located on the CPU
. Level 2 cache - connected to the CPU
Memory
RAM
DRAM
SRAM
-RAM: Random Access Memory
. Volatile
. Modules installed on slots on motherboard
-DRAM: Dynamic Random Access Memory
. Slower and cheaper
. Small capacitors to store bits
. Capacitors lose charge and must be continuously refreshed
-SRAM: Static Random Access Memory
. Fast and expensive
. Latches called “flip flops” to store bits (data)
. Does not require refreshing
Memory
ROM PROM EPROM EEPROM PLD
-ROM: can be used to store firmware, configurations and small programs that do not change much
-PROM: (Programmable Read Only Memory)
. written once, usually by manufacturer
-EPROM: (Erasable Programmable Read Only Memory)
. can be “flashed”; usually with ultraviolet light
-EEPROM: (Electrically Erasable Programmable Read Only Memory)
. can be flashed “electrically”
. Flash memory
-PLD: (Programmable Logic Device) field-programmable device (EPROM, EEPROM, Flash)