Scribd Logo
Upload

Welcome to Scribd!

  • Isc2 Acceleratedcissp 2018 2 1 3 Asset Security Key Points

    Uploaded by

    trojanbaya
    7 views2 pages

    Original Title

    isc2-acceleratedcissp-2018-2-1-3-asset-security-key-points

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views2 pages

    Isc2 Acceleratedcissp 2018 2 1 3 Asset Security Key Points

    Uploaded by

    trojanbaya

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Filename: isc2-acceleratedcissp-2018-2-1-3-asset-security-key-points

    Show Name: Accelerated CISSP (2018)


    Topic Name: Asset Security
    Episode Name: Asset Security - Key Points
    Description: Adam and Daniel discuss the main key points for studying in
    Domain 2.

    Asset Security - Key Points

    Domain: Asset Security

    Asset Security - Key points

    1. Classification & Categorization

    2. PII

    3. How to manage sensitive information

    4. Data / Retention policies

    5. Roles:

    a. owner / controller - master of all


    b. custodian / processor - managers of all
    c. administrator - grants permissions / access to data

    6. QA (external) vs. QC (internal)

    7. Data, data, data

    a. clearing
    b. purging
    c. destruction
    d. remanence

    8. Data states

    Data exists in 3 well defined states:

    a. at rest (storage)
    b. in motion (transit / on the wire)
    c. in use (application)

    9. Scoping & Tailoring

    10. Link vs End-to-End encryption

    11. Data protection methods

    a. at rest (storage) -
    encryption
    obfuscation / tokenization
    archive / dispose / destruct
    mobile device protection
    physical media control

    b. in motion (transit) -
    encryption
    perimeter security
    web content filtering
    network traffic monitoring
    VPN's

    c. in use (application) -
    encryption
    user monitoring
    workstation restrictions
    application controls (whitelist / blacklist)
    data labeling

    You might also like