Data Protection

Question 1

Data Protection

Answer 1

process of safeguarding data from corruption, compromise, and/or loss

Question 2

Data Classification

Answer 2

category based on the organizations value and sensitivity if the data was disclosed

Question 3

Sensitive Data

Answer 3

anything that results in loss of security or advantage to a company

Question 4

Data Ownership

Answer 4

person who handles the confidentiality, integrity, available, and privacy of data

Question 5

Data Owner

Answer 5

highest role w/ the responsibility for maintaining the state of the data

Question 6

Data Controller

Answer 6

holds responsibility for deciding the methodology of data control and legal ramifications

Question 7

Data Processor

Answer 7

group or individual hired by a data controller to help with working his method

Question 8

Data Steward

Answer 8

focused on the quality of data and the associated metadata

Question 9

Data Custodian

Answer 9

responsible for handling the management of the system

Question 10

Privacy Officer

Answer 10

role that is responsible for the oversight of any privacy related data

Question 11

Data at Rest

Answer 11

any data stored in databases, file systems, or a storage solution

Question 12

Full Disk Encryption (FDE)

Answer 12

encrypting the data at rest

Question 13

Partition, File, Volume, Database, Record

Answer 13

encryption

Question 14

Data in transit

Answer 14

as stated

Question 15

Secure Sockets Layer (SSL) & Transport Layer Security (TLS)

Answer 15

cryptographic protocols designed to provide secure communications over a network

Question 16

Internet Protocol Security (Ipsec)

Answer 16

protocol collection used to secure IP connections by authentication and encrypting each IP packet

Question 17

Data Types

Answer 17

Regulated, Personal Identification Information (PII), Protected Health Information (PHI), Trade Secret, Intellectual Property, Legal/Financial Information

Question 18

Data Sovereignty

Answer 18

digital information is subject to the laws of the country its located at

Question 19

General Data Protection Regulation (GDPR)

Answer 19

European union strict rules for data protection and grants individuals strong rights over their data

Question 20

Encryption

Answer 20

transform plain text data to cipher text using an algorithm and key

Question 21

Hashing

Answer 21

turns data into a fixed size of numerical and/or alphanumeric characters

Question 22

Masking

Answer 22

replacing same or all of the data with a placeholder

Question 23

Tokinization

Answer 23

replaces sensitive data with non-sensitive

Question 24

Obfuscation

Answer 24

making data unclear or unintelligible to unauthorized individuals

Question 25

Segmentation

Answer 25

dividing a network into segments each with their own security controls

Question 26

Permission Restrictions

Answer 26

defining who has access to specific data and what they can do with it

Question 27

Data Loss Prevention

Answer 27

set up to monitor the data of a system while its in use/rest/transit

Question 28

Endpoint DLP System

Answer 28

piece of software installed to monitor the data in use of that system

Question 29

Network DLP System

Answer 29

software placed on the network to monitor data in transit

Question 30

Storage DLP

Answer 30

software on server/data center to monitor data at rest

Question 31

Cloud DLP

Answer 31

monitor the cloud data