Section 7.60 Data Protection and Classifications Flashcards

Objectives 1.4 Explain the importance of using appropriate cryptographic solutions. Objectives 3.3 Compare and contrast strategies to protect data. Objectives 4.2 Explain the security implications of proper hardware, software, and data asset management. Objectives 4.4 Explain security alerting, monitoring concepts and tools. Objectives 5.1 Summarise elements of effective security governance.

1
Q

What is Data Protection?

CCL

A

Safeguarding information from corruption, compromise, or loss

2
Q

What is Data Classification?

A

It’s all about the sensitivity of data, based on its value to the organisation. The sensitivity is determined by the data owner.

Classifying data - how important is the data and how much security does it require

3
Q

Sensitive Data

A

Information that, if accessed by unauthorised persons, can result in the loss of security or competitive advantage for a company

Over-classifying data leads to protecting all data at a high level, which is very costly

4
Q

Importance of Data Classification

A

■ Helps allocate appropriate protection resources

■ Prevents over-classification to avoid excessive costs

5
Q

Classification 2 main sectors: Commercial

Classification Levels for a Commercial Business (4 classifications)

PSPC vs USCST

A

Public: No impact if released; often publicly accessible data

Sensitive: Minimal impact if released, e.g. financial data

Private: Contains internal personnel or salary information

Critical: Extremely valuable and restricted information

6
Q

Classification 2 main sectors: Government

Classification Levels Government (5 classifications)

PSPC vs USCST

A

Unclassified: Generally releasable to the public

Sensitive but Unclassified: Includes medical records, personnel files, etc.

Confidential: Contains information that could affect the government

Secret: Holds data like military deployment plans, defensive postures

Top Secret: Highest level, includes highly sensitive national security information

7
Q

Legal Requirements

A

Depending on the organisation type, there may be legal obligations to handle data.

  • Maintaining data for defined periods

Data should not be stored forever

8
Q

What should organisational policies outline for all documentation?

CRD

A

Organisational policies should clearly outline…

  1. Data Classification (PSPC vs USCST)
  2. Data Retention (How long can you keep it? Legal requirements)
  3. Data Disposal Requirements (how to get rid of it)

Note: Understanding data classifications and their proper handling is vital for protecting sensitive information and complying with relevant regulations
