Domain 2: Asset Security Flashcards
What term is used to describe overwriting media to allow for its reuse in an environment operating at the same sensitivity level?
A) Clearing
B) Erasing
C) Purging
D) Sanitization
A) Clearing describes preparing media for reuse. When media is cleared, unclassified data is written over all addressable locations on the media. Once that is completed, the media can be reused. Erasing is the deletion of files or media. Purging is a more intensive form of clearing for reuse in lower security areas, and sanitization is a series of processes that remove data from a system or media while ensuring that the data is unrecoverable by any means.
Which of the following classification levels is the US government’s classification label for data that could cause damage, but wouldn’t cause serious or grave damage?
A) Top Secret
B) Secret
C) Confidential
D) Classified
C) The US government uses the label Confidential for data that could cause damage if it was disclosed without authorization. Exposure of Top Secret data is considered to potentially cause grave damage, while Secret data could cause serious damage. Classified is not a level in the US government classification scheme.
What issue is common to spare sectors and bad sectors on hard drives as well as overprovisioned space on modern SSDs?
D) Spare sectors, bad sectors, and space provided for wear leveling on SSDs (overprovisioned space) may all contain data that was written to the space that will not be cleared when the drive is wiped. Most wiping utilities only deal with currently addressable space on the drive. SSDs cannot be degaussed, and wear leveling space cannot be reliably used to hide data. These spaces are still addressable by the drive, although they may not be seen by the operating system.
Why is it cost effective to purchase high-quality media to contain sensitive data?
A) Expensive media is less likely to fail
B) The value of the data often far exceeds the cost of the media
C) Expensive media is easier to encrypt
D) More expensive media typically improves data integrity
B) The value of data contained on the media often exceeds the cost of the media, making more expensive media that may have a longer life span or additional capabilities like encryption support a good choice. While expensive media may be less likely to fail, the reason it makes sense is the value of the data, not just that it is less likely to fail. In general, the cost of the media doesn’t have to do with the ease of encryption, and data integrity isn’t ensured by better media.
Scott is responsible for workstations throughout his company and knows that some of the company’s workstations are used to handle proprietary information. Which option best describes what should happen at the end of their lifecycle for workstations he is responsible for?
A) Erasing
B) Clearing
C) Sanitization
D) Destruction
C) Sanitization is a combination of processes that ensure that data from a system cannot be recovered by any means. Erasing and clearing are both prone to mistakes and technical problems that can result in remnant data and don’t make sense for systems that handled proprietary information. Destruction is the most complete method of ensuring that data cannot be exposed, and some organizations opt to destroy the entire workstation, but that is not the typical solution due to the cost involved.
Fred’s organization allows downgrading of systems for reuse after projects have been finished and the systems have been purged. What concern should Fred raise about the reuse of the systems from his Top Secret classified project for a future project classified as Secret?
A) The top secret data may be commingled with the Secret data, resulting in a need to relabel the system.
B) The cost of the sanitization process may exceed the cost of new equipment
C) The data may be exposed as part of the sanitization process
D) The organization’s DLP system may flag the new system due to the difference in data labels.
B) Downgrading systems and media is rare due to the difficulty of ensuring that sanitization is complete. The need to completely wipe (or destroy) the media that systems use means that the cost of reuse is often significant and may exceed the cost of purchasing a new system or media. The goal of purging is to ensure that no data remains, so commingling data should not be a concern, nor should the exposure of data; only staff with the proper clearance should handle the systems. Finally, a DLP system should flag data based on labels, not on the system it comes from.
Lauren’s employer asks Lauren to classify patient x-ray data that has an internal patient identifier associated with it but does not have any way to directly identify a patient. The company’s data owner believes that exposure of the data could cause damage (but not exceptional damage) to the organization. How should Lauren classify the data?
A) Public
B) Sensitive
C) Private
D) Confidential
C) We know that the data classification will not be the top level classification of confidential because the loss of data will not cause severe damage. This means that we have to choose between private (PHI) and sensitive (confidential). Calling this private due to the patient’s personal health information fits the classification scheme, giving us the correct answer.
Joe works at a major pharmaceutical research and development company and has been tasked with writing his organization’s data retention policy. As part of its legal requirements, the organization must comply with the U.S. Food and Drug Administration’s Code of Federal Regulations Title 21. To do so, it is required to retain records with electronic signatures. Why would a signature be part of a retention requirement?
A) It ensures that someone has reviewed the data
B) It provides confidentiality
C) It ensures that the data has not been changed
D) It validates who approved the data
D) Electronic signatures, as used in this rule, prove that the signature was provided by the intended signer. Electronic signatures as part of the FDA code are intended to ensure that electronic records are “trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper.” Signatures cannot provide confidentiality or integrity and don’t ensure that someone has reviewed the data.
Scott’s organization uses the following classification process:
1) Criteria are set for classifying data
2) Data owners are established for each type of data
3) Data is classified
4) Required controls are selected for each classification
5) Baseline security standards are selected for the organization
6) Controls are scoped and tailored
7) Controls are applied and enforced
8) Access is granted and managed
If Scott is one of the data owners for the organization, which steps in this process is he most likely responsible for?
A) 3,4,5
B) 1,2,3
C) 5,6,7
D) All steps
A) Scott is most likely responsible for classifying the data that he owns as well as assisting with or advising the system owners on security requirements and control selection. In an organization with multiple data owners, Scott is unlikely to set criteria for classifying data on his own. As a data owner, Scott will also not typically have direct responsibility for scoping, tailoring, applying or enforcing those controls.
Major Hunter, a member of the armed forces, has been entrusted with information that, if exposed, could cause serious damage to national security. Under U.S. government classification standards, how would this data be classified?
A) Unclassified
B) Top Secret
C) Confidential
D) Secret
D) The US government specifies Secret as the classification level for information that, if disclosed, could cause serious harm to national security. Top Secret is reserved for information that could cause exceptionally grave harm, while Confidential data could be expected to cause less harm. Unclassified is not an actual classification but only indicates that the data may be released to unclassified individuals. Organizations may still restrict access to unclassified information.
Linux systems that use bcrypt are using a tool based on what DES alternative encryption scheme?
A) 3DES
B) AES
C) Diffie-Hellman
D) Blowfish
D) Bcrypt is based on Blowfish (the b is a key hint here). AES and 3DES are both replacements for DES, while Diffie-Hellman is a protocol for key exchange.
The EU General Data Protection Regulation (GDPR) does not include which of the following key elements?
A) The need to collect information for specified, explicit, and legitimate purposes
B) The need to ensure that collection is limited to the information necessary to achieve the stated purpose
C) The need to protect against accidental destruction
D) The need to encrypt information at rest
D) The GDPR does include the need to collect information for specified, explicit, and legitimate purposes; the need to ensure that collection is limited to the information necessary to achieve the stated purposes; and the need to protect data against accidental destruction. It does not include a specific requirement to encrypt data at rest.
What is the best way to secure files that are sent from workstation A via the internet service (C) to remote server E?
A) Use AES at point A, and use TLS in transit via B and D
B) Encrypt the data files and send them.
C) Use 3DES and TLS to provide double security
D) Use full disk encryption at A and E, and use SSL at B and D
B) Sending a file that is encrypted before it leaves means that exposure of the file in transit will not result in a confidentiality breach and the file will remain secure until decrypted at point E. Since answers A, C, and D do not provide any information about what happens at point C, they should be considered insecure, as the file may be at rest at point C in unencrypted form.
Scott’s organization performs a zero fill on hard drives before they are sent to a 3rd party organization to be shredded. What issue is her organization attempting to avoid?
A) Data remanence while at the 3rd party site
B) Mishandling of drives by the 3rd party
C) Classification mistakes
D) Data permanence
B) Susan’s organization is limiting its risk by sending drives that have been sanitized before they are destroyed. This limits the possibility of a data breach if drives are mishandled by the 3rd party, allowing them to be stolen, resold, or simply copied. The destruction of the drives will handle any issues with data remanence, while classification mistakes are not important if the drives have been destroyed. Data permanence and the life span of the data are not important on a destroyed drive.
What type of encryption is typically used for data at rest?
A) Asymmetric encryption
B) Symmetric encryption
C) DES
D) OTP
B) Symmetric encryption like AES is typically used for data at rest. Asymmetric encryption is often used during transactions or communications when the ability to have public and private keys is necessary. DES is an outdated encryption standard, and OTP is the acronym for one-time password.