Regulatory Flashcards

1
Q

What is Federal Information Security Management (FISMA)

A

FISMA - 2002 - Applies to all federal agencies or companies that receive grant money. Requires implementation of information security controls that use a risk-based approach. Handles security by enumerating risks.

2
Q

What is NIST

A

Created in the early 1900s to develop standards for weights and measures. Serves to promote technology and innovation in the US.

3
Q

What is FedRAMP

A

Federal Risk and Authorization Management Program - Defines rules for government agencies that contract with cloud providers. More stringent than FISMA.

4
Q

What is HIPAA

A

Protects data of patients in the US healthcare system.

5
Q

What is Sarbanes Oxley Act (SOX)

A

SOX - Regulates financial data, operations and assets for publicly held companies.

6
Q

Gramm-Leach-Bliley Act (GLBA)

A

1999 - Aims to protect information (PII), which is any data belonging to customers of financial institutions. Every record must be secured against unauthorized access, access to records must be tracked, and customers must be notified when their information is shared.

7
Q

What is CIPA

A

Children's Internet Protection Act of 2000 - Requires schools and libraries to prevent children from accessing obscene or harmful content on the internet.

8
Q

What is COPPA

A

1988 - Protects the privacy of minors younger than 13 by restricting organizations from collecting PII and requiring them to obtain parental consent and notify parents of data collection. Difficult because it's hard to determine a user's age accurately.

9
Q

What is FERPA

A

Family Education Rights and Privacy Act of 1974 - Applies to students and defines how institutions must handle student records to protect them and how people can view or share them.

10
Q

What is GDPR

A

2018 - GDPR covers data protection and privacy for everyone in the EU. Requires consent before collecting any data; famous for the cookie banner.

11
Q

What is PCI DSS

A

Payment Card Industry Data Security Standard - Made for credit card processing companies.

12
Q

What is FCRA

A

1970 - Fair Credit Reporting Act - Regulates how private businesses use personal information. Three agencies that do this

13
Q

EU Directive 95/46/EC

A

The Data Protection Directive, officially Directive 95/46/EC, enacted in October 1995, was a European Union directive which regulated the processing of personal data within the European Union and the free movement of such data.

14
Q
A