Domain 2. Asset Security Flashcards
Refers to the use of security attributes for internal data structures within information systems. And helps to enable information system-based enforcement of security policies. Can be used to control access to information.
Security labeling.
Human-readable security attributes. Enable organizational process-based enforcement of security policies. Reflects applicable laws, directives, policies, regulations, and standards.
Security marking.
Required for both digital and nondigital media. Digital media (diskettes, optical disks, magnetic tapes, HDD, and flash drives). Nondigital media (paper and microfilm).
Security labeling.
What is anonymization, pseudonymization, and tokenization?
Anonymization - removes all personal data that can be used to identify the original subject or individual. Cannot be reversed.
Pseudonymization - uses aliases or artificial identifiers, to represent other data. The aliases is still linked to the original information. Can be reversed even when implemented properly.
Tokenization - is similar to pseudonymization. Instead of aliases, it uses tokens to represent other data. Although the token has no meaning on its own, the token can be linked back to the original information. Commonly used in credit card transactions to protect cardholder data.
Is information that can be recovered from a storage medium by reconstructing the data.
Data remanence.
Least likely to prevent data remanence on an HDD. Performs an OS delete operation, which simply marks storage space as unavailable instead of clearing the data.
Erasing.
Also known as overwriting. It’s a data sanitization method that writes data one or more times over the medium. Involves a three-step process, each of which involves writing structured or random patterns of data onto the medium.
Clearing.
The process in which data is overwritten many times and is more intense than clearing. Sometimes combined with another data sanitization method, such as degaussing. However, methods exist to recover this data.
Purging.
Involves the use of strong magnetic field to erase data from magnetic media, such as HDDs and magnetic tapes. Typically destroys the drive electronics as well, so you will not have any assurance that the data has indeed been remove from the drive platters.
Deguassing.
The most secure data sanitization method?
Destruction.
It’s a data sanitization method that’s most likely to prevent data remanence on an SSD?
Encryption.
Why? the data is unreadable even if another sanitization method is ineffective.
Are an access control vulnerability that involves the theft of information by capturing and analyzing the electromagnetic leakage of electronic devices.
Emanations.
Can be mitigate by enclosing cabling in metal shielding or conduit.
Best describes slack space on a disk?
Unused space in a cluster on a hard disk is known as slack space.
It removes a file name from a list of file names. But does not actually remove the data from the clusters. Instead, it removes the file name from the FAT, marking the space on the disk as available for writing.
OS delete function.
The most important step in protecting sensitive information?
Labeling.
Why? refers to the use of security attributes for internal data structures within information systems.