Chapter 5 - CISSP Domain 2 - Protecting Security of Assets
Description
HBO CISSP (ISC)2 Mind Map on Chapter 5 - CISSP Domain 2 - Protecting Security of Assets, created by Niels de Jonge on 28-01-2018.
Resource Summary
Chapter 5 - CISSP Domain 2 - Protecting Security of Assets
Classifying and Labeling Assets
Defining Sensitive Data
Proprietary Data
Intellectual Property
Trade secrets
Blueprints
Privacy related
PII
PHI
Defining Classifications
Classification Levels
Applies to Data and Hardware
Damage done when disclosed
Defining Data Security Requirements
Higher classification needs higher security
Understanding Data States
Data states: in motion, in use, at rest.
Managing Sensitive Data
To prevent unwanted disclosure
Marking / labelling to easily identify the classification
To provide linking pin for DLP
Secure transport based on classification
Secure storage based on classification
Proper destruction when data becomes no longer needed
Getting rid of data remanence
Data destruction
Purging
Declassification
Sanitisation
Degaussing
Destruction
SSDs can't be erased; they need total destruction
Retaining and maintaining by record retention
Protecting Confidentiality with Cryptography
Protecting data with symmetric encryption
AES
Protecting data with transport encryption
VPN, HTTPS
Identifying Data Roles
Data Owners
Ultimately the CEO is liable for negligence
Check label and classification
System Owners
Develops and maintains Security Plan
Ensures delivery of security training
Business / Mission Owners
Owners of business processes
Ensures systems provide business value
Data Processors
Any system used to process data
EU Data Protection: natural or legal person
EU Data Protection: restricts data transfers outside EU
US: Safe Harbor Program
7 principles; Notice, Choice, Onward Transfer, Security, Data integrity, Access, Enforcement
Admins
Granting access / assigning permissions
RBAC
Custodians
Helps protect security and integrity
Typically IT dept.
Users
Anyone using / accessing the data
Protecting Privacy
Using Security Baselines
To provide starting point with minimum security standards
GPO
Security Control Baseline
Scoping and Tailoring
Review Security Baselines
Select only logically applicable controls to a system
Selecting Standards
Selecting Security Controls within the Baseline
ISO
PCI DSS
GDPR