Data Security

Question 1

Data States

Answer 1

• Data at Rest
• Data in Motion
• Data in Use

Question 2

NIST SP 800-111

Answer 2

Guide to Storage Encryption Technologies for End User Devices

Question 3

Scoping vs Tailoring

Answer 3

Scoping is the process of taking a broader standard and trimming out the irrelevant or otherwise unwanted parts.

Tailoring, on the other hand, is when you make changes to specific provisions so they better address your requirements

Question 4

Digital Asset Management

Answer 4

Is the process by which organizations ensure their digital assets are properly stored, well protected, and easily available to authorized users.

Question 5

Digital Asset Management typically involves the following tasks:

Answer 5

• Tracking
• Effectively implementing access controls
• Tracking the number and location of backup version
• Documenting the history of changes
• Ensuring environmental conditions do not endanger storage media
• Inventory of digital assets
• Carrying out secure disposal activities
• Internal and External labeling

Question 6

Digital Rights Management (DRM) refers to…

Answer 6

A set of technologies that is applied to controlling access to copyrighted data.

Question 7

What is Steganography?

Answer 7

Is a method of hiding data in another media type so the very existence of the data is concealed.

Question 8

Three-Components involved in Steganography

Answer 8

• Carrier: A signal, data stream, or file that has hidden in information (payload) inside of it
• Stegomedium: The medium in which the information is hidden
• Payload: the information that is to be concealed and transmitted

Question 9

Lease Significant Bit (LSB)

Answer 9

A method of embedding the message into some types of media is to use the LSB.

Question 10

Data Loss is a

Answer 10

The flow of sensitive information, such as PII, to unauthorized external parties

Question 11

Data Loss Prevention (DLP)

Answer 11

Compromises the actions that organizations take to prevent unauthorized external parties from gaining access to sensitive data.

Question 12

Data Leak means

Answer 12

That the confidentiality of the data had been compromised (e.g., when the laptop thief posts the files on the internet)

Question 13

General DLP approach:

Answer 13

• Data inventories (identifying sensitive data)
• Data Flows
• Data Protection Strategy
  (Risk Assessment)
  
  • Backup and recovery
  • Data Life Cycle
  • Physical Security
  • Security Culture
  • Privacy
  • Organizational Change
• Implementing, Testing, and Tuning
  
  • Sensitive data awareness
  • Policy engine
  • Interoperability
  • Accuracy

Question 14

Network DLP (NDLP)

Answer 14

NDLP Products are normally implemented as appliances that are deployed at the perimeter of an organization’s networks.

Question 15

Endpoint DLP Applies

Answer 15

• Protection policies to data at rest and data in use.
• this software usually called “DLP Agent”

Question 16

Hybrid DLP means

Answer 16

NDLP + EDLP

Question 17

CASB - Cloud Access Security Broker

Answer 17

Is a system that provides visibility and security controls for cloud services.

Question 18

CASB do their work by leveraging one or two techniques:

Answer 18

Proxies or API (Application Programming Interfaces)