Hardening
Act of configuring an operating system securely by updating it, creating rules and policies to govern it, and removing unnecessary applications and services
Hardware Security Module
Physical devices that act as a secure cryptoprocessor during the encryption process
hardware devices that can reside on a computer motherboard
HSM
Hardware Security Module
Trusted Platform Module
Chip residing on the motherboard that contains an encryption key
If your motherboard doesn’t have TPM, you can use an external USB drive as a key
usually embedded into computer motherboards and are available as external devices
802.1x
Standardized framework used for port-based authentication on wired and wireless networks
RADIUS and TACACS+
Data Subject
the person who the information is about
Data Owner
the individual or entity responsible for the management and protection of data assets, including determining access permissions and data classification.
Data Controller
the entity that determines the purposes and means of processing personal data, especially when a true data owner does not exist
Data Processor
an entity that processes data on behalf of a data controller, typically involved in handling the data according to the instructions provided by the controller.
Data Custodian
the individual or entity responsible for the safekeeping and management of data, which includes tasks such as maintaining data integrity, ensuring accessibility, and implementing security controls as directed by the data owner.
Data Steward
an individual responsible for managing and overseeing an organization's data assets, ensuring accuracy, privacy, and compliance with policies and regulations.
Data Protection Officer (DPO)
a designated individual responsible for overseeing data protection strategies and ensuring compliance with data protection laws and regulations within an organization.
Risk Avoidance
A strategy that requires stopping the activity that has risk or choosing a less risky alternative
Risk Transfer
A strategy that passes the risk to a third party
Risk Mitigation
A strategy that seeks to minimize the risk to an acceptable level
Risk Acceptance
A strategy that seeks to accept the current level of risk and the costs associated with it if the risk were realized
Residual Risk
The risk remaining after trying to avoid, transfer, or mitigate the risk
Risk appetite
is the level of risk an organization is willing to take to achieve its objectives
Risk tolerance
is the level of risk an organization is willing to endure or withstand before it impacts those objectives