Data Classification

Question 1

What is the most important step in properly handling and controling data?

Answer 1

Assigning responsibilities according to who has possession and legal ownership of it, which are usually associated with named roles.

Question 2

What role collects and creates the data?

Answer 2

Data owner

Question 3

Who is usually the data owner?

Answer 3

Cloud customer

Question 4

Many international treaties/frameworks refer to the data owner as…

Answer 4

The data controller

Question 5

Who is the person/entity tasked with daily maintenance and administration of the data?

Answer 5

Data custodian

Question 6

The _____ applies the proper security controls and processes as directed by the data owner.

Answer 6

data custodian

Question 7

Who might be the data custodian?

Answer 7

Database administrator

Question 8

Who is tasked with ensuring the data’s context and meaning are understood and data is used properly?

Answer 8

Data stewards

Question 9

Who manipulates, stores, or moves data on behalf of the data owner?

Answer 9

Data processor

Question 10

Copying, printing, destroying, and utilizing data is called…

Answer 10

Processing

Question 11

From an international perspective, who is the data processor?

Answer 11

The Cloud Provider

Question 12

T/F Data processors can be third parties

Answer 12

True

Question 13

______ remain legally responsible for all data they own.

Answer 13

Data owners

Question 14

T/F System owners are always data owners.

Answer 14

False - not necessarily

Question 15

• Regulatory compliance
• Business function
• Functional unit
• Project
  All drive _____

Answer 15

Data categorization

Question 16

Who is in the best position to categorize the data?

Answer 16

Data owners

Question 17

Who is responsible for data classification?

Answer 17

Data owner

Question 18

Data classification types:

Answer 18

• Sensitivity
• Jurisdiction
• Criticality

Question 19

Data classification is often based on…

Answer 19

Organizational policies

Question 20

What is it called when data shared between orgs must be normalized and translated so that it’s meaningful to both parties?

Answer 20

Data mapping

Question 21

Data classifications and labels are carried through mapping to ensure…

Answer 21

That data used in another context does not lose its security controls and oversight.

Question 22

• Date of creation
• Date of scheduled destruction/disposal
• Confidentiality level
• Handling directions
• Dissemination/distribution instructions
• Access limitations
• Source
• Jurisdiction
• Applicable regulation

Answer 22

Information a label includes

Question 23

Why are labels often used as part of data management tools?

Answer 23

For lifecycle and security controls.

Question 24

What is a key technology component and capability in the data lifecycle?

Answer 24

Automated labeling

Question 25

What helps an org track where their data is flowing, what ports/protocols are in use, how data is secured, and what controls are in place?

Answer 25

Data flow diagrams

Question 26

What is it called when an org is creating an initial data inventory, doing electronic discovery, or using data mining tools to discover trends in data already in the inventory?

Answer 26

Data discovery

Question 27

What is a listing of traits and characteristics about specific data elements or sets?

Answer 27

Metadata

Question 28

Sorted data by meaningful attributes.

Answer 28

Structured data

Question 29

Relational databases are a type of _______?

Answer 29

Structured data

Question 30

Unsorted data, like email content, is considered ______?

Answer 30

Unstructured data

Question 31

T/F It's easier to perform data discovery on unstructured data.

Answer 31

False - easier on structured data b/c it's already arranged.

Question 32

________ uses tags or other elements to create fields and records w/in data w/out requiring rigid structure.

Answer 32

Semi-structured data

Question 33

What are some examples of semi-structured data?

Answer 33

XML and JSON

Question 34

What two things are key to designing and security data discovery and usage models?

Answer 34

Understanding how data will be used and analyzed.

Question 35

Data mining, real-time, and business intelligence.

Answer 35

3 types of data analytics methods

Question 36

The actions that authorized users can take and how those rights are set, applied, modified, and removed.

Answer 36

Data rights

Question 37

What rights are critical to ensuring that use of IRM does not disrupt the business while still being effective?

Answer 37

Provisioning

Question 38

What describes what can/cannot be done with data and who can/cannot perform certain actions?

Answer 38

Access Models

Question 39

_____ describe the rights a user has to content and _____ are used to validate the identify of the user/computer.

Answer 39

Licenses and certificates

Question 40

- Rudimentary reference checks - Online reference checks - Local agent checks - Support-based licensing

Answer 40

4 ways IRM can be applied

Question 41

- Replication restrictions - Jurisdictional conflicts - Agent/enterprise conflicts - Mapping identity and access management (IAM and IRM) - API conflicts

Answer 41

Challenges faced by employing IRM in the cloud

Question 42

- Persistent protection - Dynamic policy control - Automatic expiration - Continuous auditing - Replication restrictions - Remote rights revocation

Answer 42

Things IRM should provide, regardless of content/format

Question 43

What is an ACL?

Answer 43

Access control list

Question 44

Retention periods are often expressed in days for _____ and years for _____.

Answer 44

Ephemeral data (logs) and business data

Question 45

- Retention periods - Regulation and compliance - Data classification - Retention - Data deletion - Archiving and retrieval - Monitoring, maintenance, and performance

Answer 45

Things data retention policies should address.

Question 46

Who will delete the data, requirements for deletion, procedure documentation to show how secure deletion occurs/is validated, and compliance/legal requirements.

Answer 46

Things policies for data deletion should specify

Question 47

_____ involves identification/collection/production of data related to a case, and _____ ensure data required for a case is collected and preserved.

Answer 47

E-discovery and legal holds

Question 48

A legal hold occurs when an organization is notified that:

Answer 48

1. A law enforcement/regulatory entity is commencing and investigation 2. A private entity is commencing litigation against the org

Question 49

What rule dictates that a legal hold notice has primacy, even over federal laws like HIPPA?

Answer 49

Federal Rules of Evidence

Question 50

What can be used to regularly review, inventory, and inspect the usage and condition of owned data?

Answer 50

Data audit

Question 51

Audit periods/scope/responsibilities, processes/procedures, regulations, and monitoring/maintenance/enforcement are things to consider when conducting _____.

Answer 51

Data audits

Question 52

1. It's not often a priority. 2. It's mundane/repetitive. 3. Reviewer needs to understand the operation. 4. It's expensive.

Answer 52

Challenges in reading and analyzing logs

Question 53

What are the 3 areas to consider for audit mechanism planning and implementation in cloud environments?

Answer 53

1. Log collection 2. Log correlation 3. Packet capture

Question 54

You can only perform packet capture in what environment?

Answer 54

IaaS

Question 55

1. Physical destruction 2. Degaussing 3. Overwriting 4. Crypto-Shredding

Answer 55

on-premise data destruction options

Question 56

What is the only data destruction option in the cloud?

Answer 56

Crypto-shredding

Question 57

1. Process for disposal 2. Applicable regulations 3. Clear direction on when data should be destroyed

Answer 57

3 things a data disposal policy should include

Question 58

Encrypting data with a strong encryption engine, then encrypting those keys with a different encryption engine, and then destroying those keys is called?

Answer 58

Crypto-shredding

Question 59

What allows data to be destroyed while leaving media intact by using multiple passes of random characters written to location where data resides?

Answer 59

Overwriting

Question 60

Applying strong magnetic fields to hardware and media where data resides is called?

Answer 60

Degaussing

Question 61

T/F Degaussing does not work with solid-state drives like SSD, flash media, and thumb drives.

Answer 61

True

Question 62

Burning, melting, impact, industrial shredding data is called?

Answer 62

Physical destruction of media and hardware

Question 63

T/F Hardware/media can always be sanitized by simply deleting the data?

Answer 63

False - deleting doesn't erase data, it just removes the logical pointers to the data

Question 64

In SaaS and PaaS environments, data destruction can only be approached through:

Answer 64

Contractual requirements

Question 65

What is data left over after sanitization and disposal methods have been attempted?

Answer 65

Data remanence