Domain 2 Flashcards
The information Lifecycle includes:
1) Classification
2) Categorization
3) Ownership
4) Maintenance
Governance Data Classification Labels in level of secrecy are:
1) Top Secret - highest level of information classification and can cause EXCEPTIONALLY GRAVE DAMAGE to national security
2) Secret - can cause SERIOUS DAMAGE to national security
3) Confidential - can cause DAMAGE to national security
4) Sensitive but Unclassified (SBU) - does not cause damage to national security
5) Unclassified - neither sensitive or classified and public release does not violate confidentiality
Compromise of data means:
“severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals”
What are the data classification criteria that determine how data is classified?
1) Value - what is the information worth to the company and what if it is lost or compromised?
2) Age - How current is the information? does your organization need data that is five years old? Is real-time information more important ?
3) Useful Life - At what point is data in your system no longer worth protecting?
4) Personal Association - PII, PHI, financial information
What can require the release of information that would otherwise remain protected?
1) Court orders, legal statutes
2) FOIA (Freedom of Information Act) - requests seek release of government information
3) Contractual obligations
4) Senior level management approval - e.g., NDA on file for the recipient of the data
Data Ownership: _____ is ultimately responsible for the success of an organization. They are high-ranking officials who are responsible for establishment of an organization’s computer security program and goals. They set priorities to support the mission of the org. They must implement an effective and appropriate data classification program and provide adequate funding and manpower to implement, maintain and enforce the program policy when needed. They should also oversee an audit program and receive periodic reports of violations
Business/mission owners
Data Ownership: _____ are members of management responsible for ensuring appropriate protection of specific data. They have the final corporate responsibility for protection of specific data. They must take measures to adequately protect their information and networks from all significant threats.
Data Owners / Information Owners
They have the final say towards security, decide what is appropriate, ultimately responsible for the data, and determines who can access it.
They also:
- Assign classification
- Ensure proper security controls are in place to protect the information
- regularly review who has access to the information
- Serve as the main point of contact to approve access to data
- Name someone else to replace them in case of absence
Data Ownership: _____ are responsible for the computer system (hardware or software) and the system design, plan, updates and training (also the procurement, development, integration, modification, operation and maintenance of the system.
System Owner
Data Ownership: _____ performs hands on activities to achieve data protection requirements dictated by owners. They conduct any activities regarding the maintenance of the data. They provide the hands on management of the data as dictated by the data owner. They do not make critical decisions, they just implement the decisions about the data
Custodian
- Performing, testing and verifying data backups
- Data restoration from backups
- Patching of operating systems and applications
- Maintaining endpoint security software
Data Ownership: ____ are those individuals who have been granted access to and leverage data during the course of their job. The most important responsibility is adhering to the security policies and proper use of data and files
Users
Acceptable Use Policies are one way to make sure users know what is expected of them. They should be trained in the security policies and procedures and held accountable if they fail to adhere to the policies. They should take adequate measures to protect the data (e.g., strong passwords, locking your station)
Sensitive Data Collection - limitation is:
limitation on the collection of sensitive data - organizations should collect the minimum amount of sensitive data required to provide a given service.
Organizations must clearly define roles involved with creation and access to sensitive data.
The Organization for Economic Cooperation and Development (OECD) states - there should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.”
Data Ownership: _____ is the organization that creates/manages sensitive data (e.g., salary data managed by HR).
Data Controller - must legally ensure the security of data accessed by data processors
Data Ownership: _____ are third-party companies that access an organizations sensitive data (e.g., outsourced payroll company - ADP).
Data Processor
_____ is information that persists on media after attempted removal.
Data Remanence
Data destruction and re-use types:
Magnetic media: (magnetic tape, floppy disks, hard disk drives)
- sector by sector overwrite
- degaussing (oven that destroys the data) - also referred to as purging
Physical destruction ** - best way to get rid of data
Paper reports:
- shredding
- burning
Types of data removal:
- clearing - overwriting the data multiple times (not worth doing this. Never guarantees complete removal)
- Purging - refers to degaussing magnetic media
- destruction - physically destroying media by burning or crushing
Data storage directly accessibly by the CPU is:
Real, main or primary memory
- higher speed data retreival
Examples are registers, SRAM and DRAM
Data stored in a location not able to be directly accessed by the CPU is:
Secondary memory / storage
- slower retreival and use of data stored in secondary memory
Examples are disk-based storage
Power must be supplied for data to . If separated from power, the ____ will lose data
Volatile storage
e.g., registers, SRAM and DRAM - this is random access memory (RAM)
If power is lost, _____ will maintain data
Non-volatile storage
e.g., secondary storage like hard disk drives, solid state drives and firmware. This is read-only memory - ROM
____ are storage devices that are read and written to in a sequential order
Sequential access memory/storage
- older and slower technology used by magnetic tape. Think, VHS player
____ are storage devices that allow for jumping to a location and reading or writing of data
Random access memory / storage (RAM)
- faster technology that is more complex than sequential access storage
RAM vs. ROM
RAM:
- volatile
- three types - registers, SRAM and DRAM
- faster and more expensive
- larger storage capacity
- read and write capability
- can be modified
ROM:
- Non-volatile
- Three types - PROM, EPROM, EEPROM
- slower and less expensive
- smaller storage capacity
- Read only
- data cannot be modified
- allows system to be rebooted
- firmware is a type of ROM but can be updated but expected to be done infrequently
Most systems contain a large amount of RAM and just a small amount of ROM
Types of RAM:
1) Registers: small storage locations used by the CPU to store instructions and data. Located in the CPA. Fastest of all RAM
2) SRAM - Static RAM: very fast, less amount, used for cache memory - static and cache are the same. Does not need to be refreshed like DRAM. More expensive than DRAM but faster. As long as the system is supplied with electricity, SRAM keeps its contents safe without requiring constant refresh cycles. It is much faster. It is much more expensive which makes it unsuitable for main memory use. Instead it is used as cache memory - a special fast storage buffer that holds copies of data or instructions likely to be requested soon by the CPU
3) DRAM - dynamic RAM: refreshed on a regular basis. Cheapest and most common. The main memory. The system needs to continually refresh the data stored or it is lost
The fastest memory is the closest to the CPU
_____ is a type of program somewhere between hardware and software.
Firmware
- Does not typically allow modification (writing or deleting) of data via simple means such as those used with traditional hard disks. Firmware is generally the controlling software for a device that is placed in a special type of ROM, which can be updated as new releases become available
