DATA Protection

Question 1

What is data protection?

Answer 1

Safeguarding intel from corruption compromise or lost.

Question 2

What is data classification?

Answer 2

Based on value on the org and how sensitive the info is.
Data owner is the one that determines this level.

Question 3

Public Data

Answer 3

Has no impact due to being open source to everyone.

Question 4

Sensitive Data

Answer 4

Has minimal impact like org finance data.

Question 5

Private Data

Answer 5

Personal record salary etc within the organization.

Question 6

Confidential Data

Answer 6

Trade secrets, source code can really affect the business if released.

Question 7

Critical Data

Answer 7

Very valuable like credit card numbers it is very important to not have this release.

Question 8

Sensitive but unclassified

Answer 8

Would hurt national security people but rather the people that is in the org.

Question 9

Confidential

Answer 9

Data that could harm the goverment if it gets realsed.

Question 10

Secret

Answer 10

Damage in national security knowing deployments etc.

Question 11

Top Secret

Answer 11

Blue prints for weapons or etc that can harm alot of people and places.

Question 12

Data Owenership

Answer 12

Process of who is responsible for the C.I.A OF the intel.

Question 13

Data Owner

Answer 13

Senior exec role, maintains CIA of the asset.Makes the rules on how to control things.

Question 14

Data Controller

Answer 14

Hold responsibility for deciding the purposes and methods of data storage collection and usage. Accountable for any breaches

Question 15

Data Processor

Answer 15

Group or indiviudal hired by data controller. Help with task to store analayze data sup by controller.

Question 16

Data Steward

Answer 16

Works for the data owner, making sure everything is classified correctly.

Question 17

Data Custodian

Answer 17

Enforces access controls. SYSadmin follow the requriments of owner.

Question 18

Privacy Officer

Answer 18

Incharge of PII phi etc. Oversights it and will be on the hook if a breach happens.Do legal work on following protocols.

Question 19

Data at rest

Answer 19

Any data that is stored in databases file systems and storage does not move. Threat actors want to get this.

Question 20

Full disk encryption

Answer 20

Encrypts the entire hard drive.

Question 21

Partition Encryptuon

Answer 21

Encrypts partitions of a hard drive leaving other unencrypted

Question 22

File Encryption

Answer 22

Encrypting indivual files when needed to be secured.

Question 23

Volume encryption

Answer 23

Encrtyps set of slected files or directiores.

Question 24

Database Encryption

Answer 24

Encrypts data stored in data base

Question 25

Record Encryption

Answer 25

Specificl files within a data baseD

Question 26

Data in trasit

Answer 26

Data moving from one location to another.
SSL & TLS
VPNS
IPSEC

Question 27

SSL & TLS

Answer 27

cryptographic protocols designed to provide secure communication over computer network.Web browsing emails etc

Question 28

VPN

Answer 28

Creats secure connection over a less secure network.

Question 29

IPSEC

Answer 29

Used to secure IP communication by authentication and encrypting each ip packet in a data stream.

Question 30

Regulated Data

Answer 30

Control by laws regulation or industry starndards.

Question 30

DATA IN USE

Answer 30

Data actively being processed.

Question 31

TRADE SECRETS

Answer 31

BUSINESS INFO THAT provides company with a competitive edge.

Question 32

Intellectual Property

Answer 32

Creations by the mind covered by patents trademarks etc.

Question 33

Legal Info

Answer 33

Data related to legal proceedings.

Question 34

Financial Info

Answer 34

Data realted to an org financial transaction,sales invoices etc.

Question 35

Data Soverignty

Answer 35

Digital info is subject to laws of the country in which it is located.

Question 36

GDPR

Answer 36

GENERAL DATA PROTECTION REGULATION.

Question 37

Masking

Answer 37

Replacing some or all data in field with a place holder to conceal the data.

Question 38

DLP

Answer 38

Data loss prevention, set up to monitor data in system while in use transit or rest.

Question 39

Endpoint DLP SYSTEM

Answer 39

Piece of software in workstation or laptop that is going to monitor data that is in use of the computer.If a file transfer happens it will stop or do an alert like a IDS IPS can be set for detection or prevention moce

Question 40

Network DLP system

Answer 40

Checks the data going in and out for the network.

Question 41

Storage DLP

Answer 41

Software installed on server in data center and inspects the data while in the server.

Question 42

Cloud Based DLP

Answer 42

Is a SaAs is apart of the cloud service and storage needs.

Question 43

DATA IN FLUX

Answer 43

The three recognized states of data in the context of data security are data at rest (data that is stored), data in use (data that is currently being processed), and data in transit (data that is being transferred from one location to another). “Data in flux” is not a recognized state of data.