Asset Security Flashcards Preview

Asset management > Asset Security > Flashcards

Flashcards in Asset Security Deck (16)
Loading flashcards...
1
Q

how many financial loses are there in the CISSP material?

A

3

2
Q

What are the Asset Security controls?

A
  1. Data Classification
  2. labels
  3. retention
  4. ownership of data
    (page 81)
3
Q

What are the main mechanisms to protect high sensitive data (such as government or military)?

A
  1. need to know
  2. formal access approval
  3. clearance
  4. management of labels
4
Q

objects have _________?

a. ) clearance
b. ) labels

A

clearance

5
Q

what are the data classifications criteria used by most of the governments?

A
  1. ) Top secret
  2. ) Secret
  3. ) Confidential
6
Q

what is sensitive but unclassified (SBU) labeling and an example on it?

A

this includes sensitive data which if leaked to public won’t cause national damage but still is sensitive. example, healthcare patients information.

7
Q

whats the difference between clearance and formal access approval?

A

clearance is a decision/determinations whether a subject can be trusted to access national security data (this decision is made after a thorough background check by an administrative judge.

formal access approval is a formal document/paper showing the approval given by the data owner to a subject to access an object, the subject must understand what he is accessing and what are the consequences should the data become lost, destroyed, or compromised.

8
Q

what is data remanence ?

A

it’s the data left on a magnetic storage device after using noninvasive ways to deleting the data.

9
Q

what is the fastest memory on the system?

  1. RAM
  2. ROM
  3. Cache Memory
  4. Register file
A

Cache memory is the fastest on the system

register file is the fastest portion of the CPU cache.

10
Q

what type of RAM does the Cache Memory use?

  1. DDRAM?
  2. RDRAM?
  3. SRAM?
  4. RAM?
A

SRAM (Static)

11
Q

what are the types of the Cache Memory?

A
  1. Register file
  2. Level 1
  3. Level 2
12
Q

what is SSD garbage collection process?

A

it’s the process of taking care of unused and unerased blocks and erased in the background.

13
Q

what does the USB considered?

  1. Firmware
  2. RAM
  3. Flash Drive
  4. disk drive
A

it’s a flash drive and it’s not affected by simple magnetic fields like a magnetic disk (tape)

14
Q

what is the command used to improve the garbage collection process?

  1. TMR
  2. TRIM
  3. ATA
  4. EEPROM
A

TRIM is the command.

15
Q

what is a cold boot attack?

A

it’s an attack on the RAM, it boots using the OS saved on a USB for example and takes a copy of the RAM memory and dump it on the USB. The reason is that the RAM loses data after it reboots but still some data is kept as a remanence such as the encryption keys sometimes.

16
Q

what is degaussing?

A

it’s the process o using a strong magnet to destroy a tape or disk drive