ISC2 - Study Notes 20 Flashcards
In general, marking refers to using digital methods to identify the data classification. Labeling refers to using physical labels to identify the data classification.
Info
Management Personnel in management and leadership positions define the data classifications and specify the requirements to protect data with different classifications. A data policy or security policy includes these definitions, and management personnel ensure the policy is available to everyone within the organization.
Info
have primary responsibility for protecting the data based on its classification and requirements stated within a security policy. When ??? create data, they identify the appropriate classification and mark or label the data according to requirements dictated in the data policy. They periodically review the data and modify the classification if necessary based on changes within the organization.
Data Owners
In some cases, the data owner delegates various data-related tasks to a ??? For example, a ??? could perform regular backups of the data based on requirements stated within a backup policy.
Data Custodian
Data in use The web server decrypts the sensitive data and the web application processes it in an unencrypted format. When the web application is done with the data, it clears the data buffers holding this data.
Storage media refers to how data at rest is stored.
Archiving refers to making a backup of data and keeping it for long-term storage.
Retention refers to how long archives and other data are kept.
Info
Sanitizing (or purging) Sanitization methods remove all residual elements of data, preventing someone from accessing it. After sanitizing media, personnel can reuse it or dispose of it.
Deduplication refers to ensuring that a file is stored only once on a system, even if multiple users have access to the same file.
Info
have the ability to scan all traffic that exits a network. This includes e-mail and attachments. These devices can look for specific data and block it before it leaves the network. ??? systems help prevent data from leaving a network.
Network-based DLP devices
(IRM) refers to the different methods used to protect sensitive information from unauthorized access. IRM is a subset of digital rights management (DRM). DRM is much broader and typically refers to protecting media such as music and video. IRM focuses on documents. It allows people to specify access permissions to different documents that they share, even after the documents leave their control.
Info
primary key is used to uniquely identify each row (tuple). It ensures that each item has only a single row and that the item can easily be identified using the primary key. Each row, or tuple, contains a unique data element. Columns, or attributes, provide additional details on the data. A foreign key provides a relationship to another table.
Info
are related to each other using the primary and foreign keys. The primary key ensures that each row (tuple) within a table is unique. The foreign key in one table points to a unique primary key in another table to create the relationship.
Tables
