Chapter 5 - CISSP Domain 2 - Protecting Security of Assets

Description

HBO CISSP (ISC)2 Mind Map on Chapter 5 - CISSP Domain 2 - Protecting Security of Assets, created by Niels de Jonge on 28/01/2018.
Niels de Jonge
Mind Map by Niels de Jonge, updated more than 1 year ago
Niels de Jonge
Created by Niels de Jonge almost 7 years ago
108
0

Resource summary

Chapter 5 - CISSP Domain 2 - Protecting Security of Assets
  1. Classifying and Labeling Assets
    1. Defining Sensitive Data
      1. Proprietary Data
        1. Intelectual Property
          1. Trade secrets
            1. Blueprints
            2. Privacy related
              1. PII
                1. PHI
              2. Defining Classifications
                1. Classifications Levels
                  1. Applies to Data and Hardware
                    1. Damage done when disclosed
                    2. Defining Data Security Requirements
                      1. Higher classification needs higher security
                      2. Understanding Data States
                        1. Data states; motion, use, rest.
                        2. Managing Sensitive Data
                          1. To prevent unwanted disclosure
                            1. Marking / labelling to easy identify the classification
                              1. To provide linking pin for DLP
                              2. Secure transport based on classification
                                1. Secure storage based on classification
                                  1. Proper destruction when data becomes no longer needed
                                    1. Getting rid of data remanence
                                      1. Data destroyment
                                        1. Purging
                                          1. Declassification
                                            1. Sanitisation
                                              1. Degaussing
                                                1. Destruction
                                                  1. SSD cant be erased, they need total destruction
                                              2. Retaining and maintaining by record retention
                                              3. Protecting Confidentiality with Cryptography
                                                1. Protecting data with symmetric encryption
                                                  1. AES
                                                  2. Protecting data with transport encryption
                                                    1. VPN, HTTPS
                                                2. Identifying Data Roles
                                                  1. Data Owners
                                                    1. Ultimately the CEO is liable for negligence
                                                      1. Check label and classification
                                                      2. System Owners
                                                        1. Develops and maintains Security Plan
                                                          1. Ensures delivery of security training
                                                          2. Business / Mission Owners
                                                            1. Owners of business processes
                                                              1. Ensures systems to provide business value
                                                              2. Data Processors
                                                                1. Any system used to process data
                                                                  1. EU Data Protect: natural or legal person
                                                                  2. EU Data Protect: restricts data tranfers outside EU
                                                                    1. US: Safe Harbor Program
                                                                      1. 7 principles; Notice, Choice, Onward Transfer, Security, Data integrity, Access, Enforcement
                                                                    2. Admins
                                                                      1. Granting access / assigning permissions
                                                                        1. RBAC
                                                                      2. Custodians
                                                                        1. Helps protect security and integrity
                                                                          1. Typically IT dept.
                                                                        2. Users
                                                                          1. Anyone using / accessing the data
                                                                        3. Protecting Privacy
                                                                          1. Using Security Baselines
                                                                            1. To provide starting point with minimum security standards
                                                                              1. GPO
                                                                              2. Security Control Baseline
                                                                              3. Scoping and Tailoring
                                                                                1. Review Security Baselines
                                                                                  1. Select only logically applicable controls to a system
                                                                                  2. Selecting Standards
                                                                                    1. Selecting Security Controls within the Baseline
                                                                                      1. ISO
                                                                                        1. PCI DSS
                                                                                      2. GDPR
                                                                                      Show full summary Hide full summary

                                                                                      Similar

                                                                                      Final Exam 2015+
                                                                                      Alexandre Pinheiro
                                                                                      CISSP Domains
                                                                                      pikeje
                                                                                      Chapter 5 Homework
                                                                                      void pickle
                                                                                      Project Mngt Chapter 5
                                                                                      damimgd2u
                                                                                      Chapter 4 E-commerce Quiz Multiple Choice
                                                                                      Sergio López
                                                                                      E-commerce Chapter 4 TRUE/FALSE Quiz
                                                                                      Sergio López
                                                                                      Mechanics-Chapter 5-Moments
                                                                                      Thomas Marshall
                                                                                      Certified Information Systems Security Professional (CISSP)
                                                                                      GoAsk Chaz
                                                                                      CISSP Domians
                                                                                      examtime8725
                                                                                      Chapter 5: Keeping data safe and secure, keywords
                                                                                      Victoria Heppinstall
                                                                                      Week 1 Study Guide
                                                                                      amatthews1