Data Security Flashcards
Describe the following Data states:
1) Data at Rest
2) Data in Use
3) Data in Transit
1) Inactive data stored at a physical location.
2) Data stored in memory.
3) Data traversing using a means of communication.
Describe these Data Roles and Responsibilities:
1) Data Owners
2) Data Controller
3) Data Processor
4) Data Steward/Custodian
5) Privacy Officer
6) Data Protection Officer
1) Individuals or committees that have complete control over the data in an organization.
2) The person who collects and controls the processing of data.
3) The person who processes the data given by the data controller.
4) Accountable for business/technical data sets for the transport and storage of data.
5) Officer who is responsible for the privacy of the organization's data.
6) Ensures that sensitive material meets the compliance requirements of the organization.
Describe the following Data Security Terminologies:
1) Data Access Control
2) Data Encryption
3) Data Masking
4) Data Resilience and Backup
5) Data Destruction
6) Data Retention
1) Authenticates and authorizes users to access data.
2) Protecting information so that it can’t be read by an unauthorized party.
3) Protecting information by obscuring areas with random characters or code.
4) Making copies for restore and backup purposes.
5) Destroying data so that it can’t be recovered.
6) Storing data securely for compliance or business requirements.
Describe the different methods of Database Encryption:
1) Transparent/External
2) Column-level
3) Symmetric
4) Asymmetric
1) Uses a symmetric key to encrypt database and all backups.
2) Encrypts individual columns using different encryption keys.
3) Advanced version of transparent where the database remains encrypted as long as it is not opened.
4) Uses two keys to encrypt/decrypt data.
Describe these Database Deidentification Methods:
1) Masking
2) Bucketing
3) Tokenization
4) Hashing/Salting
1) Replacing critical information with special characters.
2) Replacing unnecessary information with common values.
3) Replacing sensitive data with tokens.
4) Transforming any type of data to a fixed string length. Attaching random characters to the hashed value.
Describe the different RAID methods:
1) RAID 0: Disk Striping
2) RAID 1: Disk Mirroring
3) RAID 3: Disk Striping with Parity
1) Splits data into even blocks across multiple drives. Data recovery is not possible if a drive fails; it doesn’t provide redundancy.
2) Duplicates the drive across multiple drives. Provides redundancy if one drive fails.
3) Data is striped at the byte level across multiple drives (A0>A4). The parity drive stores the information of these multiple drives. Data recovery is possible using the parity drive.
Describe the different RAID methods:
4) RAID 5: Block Interleaved Distributed Parity
5) RAID 10: Blocks Striped and Mirrored
6) RAID 50: Mirroring and Striping across Multiple RAID levels.
4) The data is striped at the byte level; the parity information is distributed amongst all member drives.
5) Is a combination of RAID 1 and RAID 0
6) Combination of RAID 5 and RAID 0
What is a Storage Area Network (SAN)?
Is a dedicated high-speed network that connects storage devices.
What is Network Attached Storage (NAS)?
Is a dedicated storage and computer appliance service that is a high-performance file server optimized for storing, retrieving, and serving files.
Describe these Backup Methods:
1) Hot
2) Cold
3) Warm
1) Data backup while the system is running and available to users.
2) Data backup while the system is not running.
3) A combination of Hot and Cold.
Describe the Types of Backups:
1) Full/Normal
2) Differential
3) Incremental
1) All system data is copied.
2) Only data that has been changed since last backup is copied.
3) Only files that have been changed or created after the last backup are copied.