II: Fundamentals of Privacy-related IT Flashcards

1
Q

Privacy Notice

A

A notice to users that explains how data is collected, used, retained and disclosed

2
Q

Privacy Policy

A

An internal document meant to communicate the organization’s privacy best practices.

3
Q

Security Policy

A

Uses access controls to prevent unauthorized access to company data. Also establishes a policy on physical security against both internal and external threats.

Less about preventing excessive data collection and more about preventing unauthorized access to data.

4
Q

Data classification policies (security policy)

A

Policies for granting and revoking access to assets.

5
Q

Data schema (security policy)

A

Used to separate customer information (e.g. separating personal information from purchase data), helping to ensure a compromised system doesn’t expose everything.

6
Q

Data retention (security policy)

A

Policy for retention and eventual removal of data.

7
Q

Data deletion (security policy)

A

Remove data when it’s no longer needed.

8
Q

Contracts and agreements

A

Agreements with third-party vendors regarding data storage (e.g. GCP).

9
Q

COBIT

A

Business and IT goals are linked and measured to create responsibilities of business and IT teams.

Meant to ensure companies follow the law, become more agile and earn more.

10
Q

ITIL

A

Framework for aligning IT services with the needs of the business.

Describes processes, procedures, tasks and checklists that are neither organization-specific nor technology-specific.

11
Q

Data inventories

A

An inventory of data meant to help protect privacy. Requires knowing:

  • how data is collected
  • how data is processed
  • where data is stored
  • how data is classified
12
Q

Enterprise Architecture

A

The overall organizational design of a system

13
Q

Privacy Impact Assessment

A

Process to assist organizations in identifying and managing privacy risks that arise from new projects, initiatives, systems, etc.

14
Q

Incident Responses

A

Response to a data breach. Some incidents are security incidents, some are privacy incidents, and some are both. Examples include:

  • DoS
  • Malware Infection
  • Hacking attempts
  • Data exfiltration
  • Lost Devices
  • Misdirected emails

Some breaches expose proprietary business data, rather than personal data.

15
Q

Security and Privacy in the System Development Life Cycle

A
  1. Securely Provision
  2. Operate and Maintain
  3. Protect and Defend
  4. Investigate