Domain 2: Asset Security

Question 1

Sensitive Data

Answer 1

any info that isn’t public or unclassified

Question 2

PII

Answer 2

Personal Identifiable Information - any info that can be used to distinguish or trace an individuals identity

Question 3

PHI

Answer 3

Protected Health Information - any health info that can be related to a specific person

Question 4

Proprietary Data

Answer 4

any data that helps an org maintain a competitive edge

Question 5

DLP Server

Answer 5

Data Loss Prevention Server, emails pass through, detects labels on data or applies necessary security measurs

Question 6

Data at Rest

Answer 6

data stored on media

Question 7

Data in Transit

Answer 7

data in motion, data transmitted over a network

Question 8

Data in use

Answer 8

data in temporary storage buffers while an application is using it

Question 9

Handling

Answer 9

secure transportation of media through its lifetime

Question 10

Data Remanence

Answer 10

The data that remains on a hard drive as a residual magnetic flux

Question 11

How to remove data remanence

Answer 11

degausser for magnetic media, not SSDs. Use destruction to a size of 2 mm

Question 12

Erasing

Answer 12

deleting files, remains on the drive until space runs out

Question 13

Clearing

Answer 13

prepare media for reuse and assure the cleared data cannot be recovered

Question 14

Purging

Answer 14

more intense form of clearing, repeat clearing or combine with another process

Question 15

Declassification

Answer 15

any process that purges media or a system in preparation for reuse in an unclass environment

Question 16

Sanitization

Answer 16

combination of processes that removes data from a system of from media ensuring it cannot be recovered by any means

Question 17

Degaussing

Answer 17

create a strong magnetic field that erases data on magnetic media

Question 18

Which protocol do most HTTPS transmissions use?

Answer 18

TLS - Transport Layer Security

Question 19

What was the predecessor to TLS?

Answer 19

SSL - Secure Sockets Layer but it is susceptible to the POODLE attack

Question 20

What does a VPN use?

Answer 20

IPsec combined with L2TP

Question 21

Which protocols would be used to protect data in transit on internal networks?

Answer 21

IPsec and SSH (Secure Shell)

Question 22

What are secure protocols used to transfer encrypted files over a network?

Answer 22

SCP (Secure Copy) and SFTP (Secure File Transfer Protocol)

Question 23

This person has the ultimate org responsibility for the data

Answer 23

data owner - typically CEO

Question 24

This person owns the system that processes sensitive data

Answer 24

System Owner

Question 25

This person is usually the PM

Answer 25

Business/Mission Owner

Question 26

Data processor

Answer 26

a natural or legal person which processes personal data solely on behalf of the data controller

Question 27

This person is responsible for granting appropriate access to personnel

Answer 27

Admins

Question 28

This person handles day to day tasks usually assigned by data owner

Answer 28

custodian