Domain-2 Flashcards
Application Encryption
Encryption engine is in the application using the database
Transparent Encryption
Encryption engine is within the database
Common challenges with key management
- Access to the key
- Key storage
- Backup & replication
Key escrow & management considerations
Take into account all relevant laws, regulations, & jurisdiction requirements
When possible, key management should be conducted separately from the CSP. Why?
To enforce separation of duties (SoD) & force collusion if unauthorized data access is attempted
Tokenization
The process of replacing a sensitive data element with a nonsensitive equivalent
Anonymization
The process of removing the direct identifiers in order to prevent data analysis tools from collating or pulling data from multiple sources to identify an individual or sensitive information.
Data Masking/Obfuscation
The process of hiding, omitting or replacing sensitive data from a data set.
Bit splitting
Splitting up & storing encrypted information across different cloud storage services.
Classification
The process of determining the impact of the loss of CIA of the information/asset to an organization
Labeling
Also referred to as tagging: adding information to the data (department, location, and creator). One labeling option is classification according to certain criteria, such as top secret, secret, or classified.
Classified data (Government/Military)
- Top secret
- Secret
- Confidential
Controller
determines the purposes & means of the processing of personal data
Processor
processes personal data on behalf of the controller
IRM protects files from
unauthorized copying, viewing, printing, forwarding, deleting, and editing
DRM vs IRM
DRM - songs and movies
IRM - documents, spreadsheets, & presentations
DRM primary goal
to protect intellectual property from being copied and distributed without properly compensating the owners of the property
The Digital Millennium Copyright Act, an amendment to US copyright law,
criminalized the use of techniques intended to circumvent DRM technology
Enterprise DRM
Also known as IRM; focused on protecting enterprise assets such as documents and e-mails through the implementation of usage rights policies
The objectives of a data retention policy
- to keep important information for future use or reference
- to organize information so it can be searched and accessed at a later date
- to dispose of information that is no longer needed
A data retention policy should define:
- Retention periods
- Data formats
- Data security
- Data retrieval procedures
A data retention policy should have:
- Regulatory/Statutory compliance objective(s) - what are we liable/accountable for?
- Data mapping - what types of data do we have?
- Data classification - where is the data and what is it worth?
- Retention period - How long do we need to keep data?
- Monitoring - How effective/efficient are we?
Overwriting
Writing random data over the actual data
Encryption
Using an encryption method to rewrite the data in an encrypted format, making it unreadable without the encryption key
Data archiving
Moving data from production systems to long-term storage systems
Data archiving policy
- Data encryption procedures
- Data monitoring procedures
- Abilities for eDiscovery
- BCDR options
- Allowed data format and media types
- Data restoration procedures
- Legal Hold capabilities
Legal hold
Also known as a litigation hold: a notification sent from an organization’s legal team to employees instructing them not to delete electronically stored information (ESI) or discard paper documents that may be relevant to a new or imminent legal case
Spoliation
Deletion or modification of potentially relevant evidence
Relevant cloud SLA contract (IaaS)
- Cloud or network perimeter network logs
- Logs from DNS Servers
- VM monitor (VMM) logs
- Host OS & Hypervisor logs
- API access logs
- Management portal logs
- Packet captures
- Billing records
Self-authenticating
Pertains to evidence: any item a party can submit without offering additional proof of its authenticity