Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISSP2020 > Domain 2 - Asset Security > Flashcards

Domain 2 - Asset Security Flashcards

1
Q

What is Data Remanence?

A

Data remanence is the data that remains on media after the data was supposedly erased.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does a degausser do?

A

It removes information from media by generating a strong magnetic field

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does Erasing media mean?

A

Erasing media is simply performing a delete operation against a file, a selection of files or the entire media.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What does Clearing media mean?

A

Cleaning or overwriting is a process of preparing media for reuse and ensuring that the cleared data cannot be recovered using traditional recovery tools

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does Purging media mean?

A

Purging is a more intense form of cleaning that prepared media for reuse in less secure environments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is Declassification?

A

Declassification involves any process that purges media or a system in preparation for reuse in an unclassified environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the catch with L2TP?

A

L2TP transmits data in cleartext, but L2TP/IPsec encrypts data and sends it over the internet using tunnel mode to protect it while in transit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the responsibilities of the Data Owner?

A

The Data Owner is the person who has ultimate responsibility for the data. They establish the rules for appropriate use, provides input on security requirements, decide who has access, and assists in the identification and assessment of the common security controls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the responsibilities of the Asset Owners?

A

The asset owner (or system owner) is the person who owns the asset or system that processes sensitive data. They maintain the system security plan and ensure that personnel receives appropriate security training.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the responsibilities of the Data Processors?

A

The data processors process personal data on behalf of the data controller (owner).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the penelty for GDPR?

A

4% of global revenue or 20 euro, which ever is higher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is Pseudonymization?

A

Replacing data with articifial identifiers (such as pseudonyms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is Tokenization?

A

Tokenization uses tokens to represent other data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the responsibilities of the Data Administrators?

A

A data administrator is responsible for granting appropriate access to personnel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the responsibilities of the Data Custodians?

A

Data owners often delegate day-to-day tasks to a custodian

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is scoping?

A

Scoping refers to reviewing a list of baseline security controls and selecting only those controls to the system you’re trying to protect.

17
Q

What is tailoring?

A

Tailoring refers to modifying the list of security controls within a baseline so that they align with the mission of the organization.

CISSP2020 (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions