Domain 2 Flash Cards
Accountability
It ensures that account management has assurance that only authorized users are accessing the system and using it properly. It also includes authentication, accounting, and authorization, per ISC2.
Asset
An item perceived as having value.
Anything of value owned by the organization.
Asset lifecycle
The phases that an asset goes through from creation (collection) to destruction.
Anonymization
Replaces privacy data with useful but inaccurate data; the dataset can be shared, but individual identities are removed; it is permanent. The process of removing all relevant data so that it is impossible to identify the original subject or person.
Baselines
A minimum level of security. Also, in terms of an information system, the set of configurations, settings for what is considered a normal state.
Clearing
The removal of sensitive data from storage devices in such a way that there is assurance that the data may not be reconstructed using normal system functions or software file/data recovery utilities. Overwriting
Classification
Arrangement of assets into categories.
Curie temperature
The critical point where a material’s intrinsic magnetic alignment changes direction.
Custodian
Responsible for protecting an asset that has value while it is in the custodian’s possession. Usually someone in the IT department. Does not decide what controls are needed but does implement controls for the data owner.
Data classification
Entails analyzing the data that the organization retains, determining its importance and value, and then assigning it to a category.
Defensible destruction
An artifact that indicates the possibility of an attack, or eliminating data in a controlled, legally defensible, and regulatory-compliant way.
EPROM / UVEPROM
Erasable programmable read-only memory is a type of programmable read-only memory (PROM) chip that retains its data when its power supply is switched off; chips may be erased with ultraviolet light.
EEPROM
Electrically Erasable Programmable Read-Only Memory; chips may be erased with electrical current.
Inventory
Complete list of items
Lifecycle
Phases that an asset goes through from creation to destruction.
Purging
The removal of sensitive data from a system or storage device with the intent that the data cannot be reconstructed by any known technique. A more intense form of clearing that prepares media for reuse in less secure environments.
PROM
Programmable read-only memory, a form of digital memory where the contents can be changed once after manufacture of the device.
Qualitative Risk Analysis
It is a technique used to quantify risk associated with a particular hazard. Risk assessment is used for uncertain events that could have many outcomes and for which there could be significant consequences.
Quantitative
Using numbers to measure something, usually monetary values.
Remanence
Residual magnetism left behind
Resources
Assets of an organization that can be used effectively.
Responsibility
Obligation for doing something. Can be delegated.
RAM
Random Access Memory - volatile memory that loses contents when the computer is powered off
Randomized masking
An anonymization method that cannot be reversed when done correctly.