Mod 10 Managing Data Security

Question 1

The Business Impact of Data Security

Mod 10.1 Understand Data Security Concepts
Objective 3.1

Answer 1

Data Value Prioritization
- Organizations must categorize data based on value/sensitivity

Data Management Policy
- Formal documentation outlines procedures, access controls, protection requirements

Lifecycle Management
- proper handling of data through lifecycle, protection trough every stage

Security Cost vs Risk
High likelihood/high cost - May be worth the expense to address

Low likelihood/low cost - May be worth the expense to address

High likelihood/low cost - Is worth the expense to address

Low likelihood/high cost - May not be worth the expense to address

Question 2

Data Encryption

Mod 10.1 Understand Data Security Concepts
Objective 3.1

Answer 2

Three Goals of Encryption

(1) Confidentiality
Ensures that only authorized users can access & read the data

(2) Integrity
Verifies that data hasnt been altered during storage or transmission

(3) Non-repudiation
Prevents a user from denying they performed an action with the data

Data in transit: information moving across networks
Data at rest: information stored on physical media

Question 3

Retention Policies

Mod 10.1 Understand Data Security Concepts
Objective 3.1

Answer 3

Data Retention Requirements
- Legal compliance (industry regulations), Business operational needs, disaster recovery planning

On-Site Storage
- Immediate accessibility, direct control over security, potentially vulnerable to site-wide disasters

Off-Site Storage
- Protection from local disasters, Specialized security facilities, potential for increased retrieval time

Question 4

Additional Data Security Measures

Mod 10.1 Understand Data Security Concepts
Objective 3.1

Answer 4

UEFI/BIOS passwords
- Prevents unauthorized hardware config changes
- Control which devices can boot the system
- First layer of physical security

Boot Loader Passwords
- Prevents unauthorized OS modifications
- Controls access to special boot modes
- Mitigates risk of live OS bypass attacks

Question 5

Guidelines for Understanding Data Security

Mod 10.1 Managing Data Security
Objective 3.1

Answer 5

(1) Encryption Goals
(2) Cost vs Risk Analysis
(3) Retention Policies
(4) Data Protection States
(5) Change Detection
(6) Storage Location Strategy
(7) Low-Level Protection

Question 6

Risks and Mitigation

Mod 10.2 Manage Data Security
Objective 3.4

Answer 6

Common Threats
- Hardware Failure, Malware infection, Data corruption, Insider threats

Unwanted Activities
- Data duplication (theft), unauthorized publication, unauthorized access

Data Loss Prevention (DLP)
- monitor & control data transfer activities to prevent unauthorized transmission of sensitive info outside organization

• Breach occurs when unauthorized party gains access to protected systems or data, potentially leading to data theft, corruption, service disruption

Question 7

Industry & Gov Regulations

Mod 10.2 Manage Data Security
Objective 3.4

Answer 7

PII (Personal Identifiable Information)
- info id specific individual

PCI DSS (Payment Card Industry Data Security Standard)
- protects card holders data, payment security

HIPAA (Health Insurance Portability & Accountability Act)
- protects medical information, security and privacy rules

Question 8

General Troubleshooting

Mod 10.3 Troubleshoot Data Security
Objective 4.6

Answer 8

Resource Access Issues
- Permission configuration errors, authentication failures, access control list problems, Directory service connectivity issues

Group Policy Configurations
- Policy conflict resolution, inheritance issues, Policy application failures

Question 9

Data Breach

Mod 10.2 Manage Data Security
Objective 3.4

Answer 9

PII info

Primary ID
- Social Security Number
- Bank Account numbers
- Passport info
- Drivers license details

Secondary ID
- Credit/bank card numbers
- Phone numbers
- Birth Dates

Question 10

Firewall Configuration Troubleshooting

Mod 10.3 Troubleshoot Data Security
Objective 4.6

Answer 10

Restrictive Configurations
- Legitimate services blocked, application functionality impaired, user productive decreased

Permissive Configurations:
- potential security vulnerabilities, unauthorized access possible, regulatory compliance issues

Question 11

Service Configuration Troubleshooting

Mod 10.3 Troubleshoot Data Security
Objective 4.6

Answer 11

• Services running w/ excessive privileges
• Unnecessary services enabled
• Service dependencies not satisfied
• Configuration file corruption

Linux:
systemctl start sshd

Question 12

Troubleshooting Tools and their Uses

Mod 10.3 Troubleshoot Data Security
Objective 4.6

Answer 12

Picture