Domain 2 (Asset Security) Flashcards

1
Q

What does a Steering Committee do?

A

Define risks, objectives and approaches.

2
Q

What do Auditors do?

A

Evaluate business processes. Should answer to the chief operating officer (third party).

3
Q

What does the Data Owner do?

A

Classifies data, determines who can access it, etc.

4
Q

What does the Data Custodian do?

A

Day-to-day maintenance of data, backups, etc.

5
Q

What does the Network Admin do?

A

Ensures availability of network resources

6
Q

What does the Security Administrator do?

A

Responsible for security-related tasks

7
Q

Why should the Network Admin and Security Admin not be the same person?

A

Separation of duties. Different focus (availability vs confidentiality).

8
Q

What are the responsibilities of the ISO?

A

Bigger than just IT; recommends policies, standards, regulations. Reports to executives. We collect information, don't act on our own.

9
Q

Who determines the classification of data?

A

Data Owner

10
Q

What is the purpose of data classification?

A

To determine what controls should be put in place

11
Q

What is the difference between sensitivity and criticality?

A

Sensitivity has to do with privacy. Criticality describes the time sensitivity of the data.

12
Q

What are the three states of data?

A

At rest, in process and in transit

13
Q

How do you protect data at rest?

A

Encryption, EFS, TPM

14
Q

How do you protect data in transit?

A

IPSec, SSL/TLS

15
Q

What is TPM?

A

A chip on the motherboard that you can use to encrypt the hard drive

16
Q

What do Data Controllers do?

A

Create and manage sensitive data. Example: HR

17
Q

What do Data Processors do?

A

Manage data on behalf of data controllers. Example: outsourced payroll company

18
Q

What is Data Remanence?

A

Data that persists after deletion (as it relates to data destruction)

19
Q

What is the fastest memory available in a computer?

A

Cache Memory

20
Q

What is Scoping (as it relates to standards)?

A

Process of determining which portions of a standard will be employed by an organization

21
Q

What is Tailoring (as it relates to standards)?

A

Process of customizing the standard for an organization