Lesson 16: Explaining Data Privacy and Protection Concepts Flashcards

1
Q

Data exists in several states, each requiring different security considerations. Evaluate the following items and select which data state presents the greatest risk.

A. Data in use

B. Data in transit

C. Data in motion

D. Data at rest

A

A

2
Q

A company utilizing formal data governance assigns the role of data steward to an employee. Evaluate the roles within data governance and conclude which tasks the employee in this role performs.

A. The employee ensures the processing and disclosure of Personally Identifiable Information (PII) complies with legal frameworks.

B. The employee ensures data is labeled and identified with appropriate metadata.

C. The employee enforces access control, encryption, and recovery measures.

D. The employee ensures the data is protected with appropriate controls and determines who should have access.

A

B

3
Q

Analyze and determine the role that manages the system where data assets are stored and is responsible for enforcing access control, encryption, and backup measures.

A. Data owner

B. Data steward

C. Data custodian

D. Privacy officer

A

C

4
Q

Analyze the features of Microsoft’s Information Rights Management (IRM) and choose the scenarios that accurately depict IRM. (Select all that apply.)

A. File permissions are assigned based on the roles within a document.

B. A document is emailed as an attachment, but cannot be printed by the receiver.

C. A document does not allow screen capture to any device it is sent to.

D. An email message cannot be forwarded to another employee.

A

A,B,D

5
Q

A new cloud-based application will replicate its data on a global scale, but will exclude residents of the European Union. Which concerns should the organization that provides the data to consumers take into consideration? (Select all that apply.)

A. General Data Protection Regulation (GDPR)

B. Sovereignty

C. Location

D. Roles

A

B,C

6
Q

An employee is working on a project that contains critical data for the company. In order to meet deadlines, the employee decides to email the document containing the data to their personal email to work on at home. Consider the traits of Data Loss Prevention (DLP) and evaluate the scenario to select the DLP remediation the company should utilize.

A. The email is allowed to send the file and an alert is triggered so that an administrator is aware of the incident.

B. The user should be blocked from sending the email but retain access to it. The user is alerted to the policy violation, and it is logged as an incident.

C. Access is denied to the sender and all other users within the company. The file is encrypted and moved into a quarantine area by the management engine.

D. The original file is quarantined and replaced with one describing the policy violation and how the user can release it again.

A

B

7
Q

A document contains information about a company that is too valuable to permit any risks, and viewing is severely restricted. Analyze levels of classification and determine the appropriate classification for the document.

A. Critical

B. Confidential

C. Classified

D. Unclassified

A

A

8
Q

An organization suspects that a visitor is performing data exfiltration while on the premises. The organization knows that the visitor does not have access to any computer system. Which of the following methods does the organization suspect the visitor of using? (Select all that apply.)

A. Phone

B. USB

C. Remote access

D. Camera

A

A,D

9
Q

Choose which of the following items classify as Personally Identifiable Information. (Select all that apply.)

A. Job position

B. Gender

C. Full name

D. Date of birth

A

C,D

10
Q

A network manager assists with developing a policy to protect the company from data exfiltration. The employee devises a list of focus points to include. Which plans, when consolidated, provide the best protection for the company? (Select all that apply.)

A. Store backups of critical data on site within a secure space, that may be targeted for destruction or ransom

B. New employees complete initial and refresher trainings on document confidentiality and the use of encryption

C. Only allow removable media if it is company property, if it is required to perform a task, and if it has been cleared through the proper channels

D. Encrypt all sensitive data at rest and disconnect systems that are storing archived data from the network

A

B,C,D
