Data Protection Concepts and Strategies

Question 1

What is the most stringent privacy and security law in the world drafted and passed by the European Union (EU)?
A. GLBA
B. PCI_DSS
C. HITECH
D. GDPR

Answer 1

D. GDPR
The General Data Protection Regulation (GDPR) is considered one of the most stringent data protection laws globally. It imposes strict rules on how organizations can collect, process, and store personal data of EU citizens.

Question 2

Which type of corporate data classification applies to information limited to employees only and often has different security requirements that affect who can access it and how it can be used?
A. Public
B. Internal
C. Top secret
D. Confidential

Answer 2

B. Internal

Question 3

What is a process of dividing and organizing data and information into defined groups to enable handling, labeling, sorting, viewing, and securing?
A. Segmentation
B. Encryption
C. Tokenization
D. Compartmentalization

Answer 3

A. Segmentation

Question 4

In which data lifecycle is data typically placed onto a volume (block), object (blob), file system, or into one of several types of databases?
A. Use
B. Share
C. Create
D. Store

Answer 4

D. Store

Question 5

Which type of data is temporarily in computer memory or Redis cache waiting to be read or updated?
A. Data in storage
B. Data at rest
C. Data in transit
D. Data in use

Answer 5

D. Data in use
Data in use refers to data that is currently being processed, accessed, or modified by a system. This includes data that is temporarily stored in computer memory (RAM) or in a cache like Redis, waiting to be read or updated.

Question 6

Which data obfuscation technique involves sending sensitive data through an API call (or batch file) to a system that replaces the data with non-sensitive, pseudorandom placeholders?
A. Encryption
B. Tokenization
C. Obscuring
D. Data mapping

Answer 6

B. Tokenization

Question 7

What is any representation of data that allows the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means?
A. Intellectual property
B. Regulated data
C. Personally identifiable information
D. Personal health information

Answer 7

C. Personally identifiable information

Question 8

Which algorithm is most commonly used to protect data at rest?
A. TLS
B. DHKE
C. AES
D. 3DES

Answer 8

C, AES
AES (Advanced Encryption Standard) is the most commonly used algorithm to protect data at rest. It is a symmetric-key encryption algorithm that is widely considered to be secure and efficient. AES is used by many organizations, including governments, to protect sensitive data.