StudyXY
RegisterLog in
Information Technology /Security+ (SY0-701): Lesson 16: Summarize Data Protection Part 2

Security+ (SY0-701): Lesson 16: Summarize Data Protection Part 2

Information Technology25 CardsCreated about 2 months ago

This flashcard deck covers key concepts from the Security+ (SY0-701) Lesson 16, focusing on data protection methods, DLP components, and security awareness training.

PrintEmbedImportReport

Define 'data at rest'

The data is in some sort of persistent storage media.
Tap or swipe ↕ to flip
Swipe ←→Navigate
SSpeak
FFocus
1/25

Key Terms

Term
Definition
Define 'data at rest'
The data is in some sort of persistent storage media.
How is data at rest typically secured?
By implementing some form of encryption (FDE, database encryption, file/folder) or access control.
Define 'data in transit/motion'
When data is transmitted over a network.
How is data in transit/motion secured?
By implementing a transport encryption protocol, such as TLS or IPSec.
Define 'data in use'
When data is present in volatile memory, such as system RAM or CPU registers and cache.
How can data in use be secure?
Although most data needs to be decrypted from rest in order to be used, trusted execution environment (TEE) mechanisms are able to encrypt data as it ...
Log in to view all terms

Related Flashcard Decks

Information Technology

Security+ (SY0-701): Additional Knowledge

This flashcard set explores various cybersecurity topics including credential-stuffing attacks, data classification (e.g., private data), and key disaster recovery metrics like RTO. It also highlights protective measures such as hashing for data integrity, automation support challenges, and the use of URL scanning in web filtering to prevent malware infections.

10 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 5.0 Security Program Management and Oversight

This flashcard set covers key concepts in cybersecurity governance frameworks, including centralized governance, data stewardship roles, and compliance laws like SOX. It also addresses environments supporting development and change management, as well as recovery strategies like Recovery Point Objective (RPO) to minimize data loss during system failures.

8 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 4.0 Security Operations

This flashcard set explores advanced cybersecurity practices including refining SIEM alert handling, email security protocols (DKIM, DMARC), secure authentication methods, and strategic threat-hunting. It emphasizes how to enhance incident response efficiency and leverage proactive defense techniques like maneuvering to counteract potential threats.

11 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 2.0 Threats, Vulnerabilities, and Mitigations

This deck covers key concepts related to threats, vulnerabilities, and mitigations in cybersecurity, focusing on virtual machine security.

1 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 1.0 General Security Concepts

This flashcard deck covers key concepts from the Security+ (SY0-701) exam, focusing on general security concepts such as technical and operational controls, policy enforcement, and tokenization.

6 cards
View Deck
Information Technology

Security+ (SY0-701): Lesson 16: Summarize Data Protection Part 1

This deck covers key concepts from Lesson 16 of the Security+ (SY0-701) course, focusing on data protection, including definitions, classifications, and regulatory responsibilities.

25 cards
View Deck

Study Tips

  • Press F to enter focus mode for distraction-free studying
  • Review cards regularly to improve retention
  • Try to recall the answer before flipping the card
  • Share this deck with friends to study together
Security+ (SY0-701): Lesson 16: Summarize Data Protection Part 2
TermDefinition
Define 'data at rest'
The data is in some sort of persistent storage media.
How is data at rest typically secured?
By implementing some form of encryption (FDE, database encryption, file/folder) or access control.
Define 'data in transit/motion'
When data is transmitted over a network.
How is data in transit/motion secured?
By implementing a transport encryption protocol, such as TLS or IPSec.
Define 'data in use'
When data is present in volatile memory, such as system RAM or CPU registers and cache.
How can data in use be secure?
Although most data needs to be decrypted from rest in order to be used, trusted execution environment (TEE) mechanisms are able to encrypt data as it exists in memory.
What is the function of data loss prevention (DLP) software?
To automate the discovery and classification of data types and enforce rules so that data is not viewed or transferred without a proper authorization.

What are the 3 typical components of Data loss prevention (DLP) products?

  1. Policy Server

  2. Endpoint agents

  3. Network agents

What is the purpose of a Data loss prevention (DLP) policy server?
To configure classification, confidentiality, and privacy rules and policies, log incidents, and compile reports.
What is the purpose of a Data loss prevention (DLP) endpoint agent?
To enforce policy on client computers, even when they are not connected to the network.
What is the purpose of a Data loss prevention (DLP) network agent?
To scan communications at network borders and interface with web and messaging servers to enforce policy.
This method of data protection is often associated with payment processing systems.
Tokenization; Replaces sensitive data (such as a credit card number) with a randomly generated token while securely storing the original data in a separate location.
Define a 'tombstone' mechanism
a Data loss prevention (DLP) mechanism where original file is quarantined and replaced with one describing the policy violation and how the user can release it again.
Define a 'code of conduct'
Rules of behavior and ethical standards; Sets out expected professional standards.
Define a 'clean desk policy'
Organizational policy that mandates employee work areas be free from potentially sensitive information.
When educating end users, what should be of focus?
Responsibilities and threats that are relevant to users in a language they can understand.
What are methods of employee education?
Facilitated workshops and events, one-on-one instruction and mentoring, plus resources such as computer-based or online training, videos, books, and blogs/newsletters.
Define 'Computer-based training (CBT)'
Training and education programs delivered using computer devices and e-learning instructional models and design.
What are forms of Computer-based training (CBT)?
Simulations; branching scenarios.
What is a branching scenario?
Having students choose between options to find the best choices to solve a cybersecurity incident or configuration problem.
Define 'Anomalous behavior recognition'
Actions or patterns that deviate significantly from expectations; Systems that automatically detect users, hosts, and services that deviate from what is expected.
How can end users support anomalous behavior recognition?
By training employees to recognize and report anomalous behavior.
What are examples of anomalous behavior?
Unusual network traffic, user account activity anomalies, insider threat actions, abnormal system events, and fraudulent transactions.
What mechanisms are used to automatically detect anomalous behavior?
Network intrusion detection, user behavior analytics, system log analysis, and fraud detection.

In order, what are the 7 stages of the security awareness training lifecycle?

  1. Assessment

  2. Planning and design

  3. Development

  4. Delivery and implementation

  5. Evaluation and feedback

  6. Ongoing reinforcement

  7. Monitoring and adaptation