Security, Privacy, and Compliance in Data Flashcards
CompTIA DataX DY0-001 (V1) Flashcards
| Front | Back |
| --- | --- |
| Define data anonymization | The process of removing or encrypting identifiable information from datasets |
| Define data masking | A technique to obscure data, making it inaccessible to unauthorized users |
| Define endpoint security | Measures taken to secure devices connected to a network, such as laptops or mobile phones |
| Define security patches | Updates to software fixing vulnerabilities or improving security |
| Name one common privacy law | GDPR or CCPA |
| What are cookies in the context of privacy | Small text files that websites store on users' devices to track browsing activity |
| What are the penalties for violating GDPR | Fines up to €20 million or 4% of annual global turnover |
| What does "data retention policy" mean | Guidelines for how long data should be stored before deletion |
| What does GDPR stand for | General Data Protection Regulation |
| What does HIPAA regulate | Health Insurance Portability and Accountability Act, focused on securing healthcare data |
| What is a data breach | An incident where sensitive data is accessed or disclosed without authorization |
| What is an intrusion detection system (IDS) | A tool or software designed to detect unauthorized access or threats to a network |
| What is backup and recovery in data security | Storing copies of data to restore it after accidental loss or breaches |
| What is CCPA | California Consumer Privacy Act, a privacy law in California to protect consumer data |
| What is compliance in the context of data security | Adhering to laws, regulations, and standards governing data use and protection |
| What is data encryption | The process of converting data into a coded format to prevent unauthorized access |
| What is multi-factor authentication (MFA) | Using two or more verification methods to enhance login security |
| What is phishing | A fraudulent attempt to obtain sensitive information by impersonating a trustworthy entity |
| What is PII | Personally Identifiable Information used to identify an individual |
| What is ransomware | Malicious software that locks or encrypts data until a ransom is paid |
| What is the CIA triad in data security | Confidentiality, Integrity, Availability |
| What is the function of role-based access control | Assigning user permissions based on their role in an organization |
| What is the principle of least privilege | Giving users the minimum access necessary to perform their tasks |
| What is the purpose of audit logs | Tracking and recording user activities for accountability and review |
| What is the purpose of firewalls | To block unauthorized access to networks while permitting legitimate communication |
| What is the role of a Data Protection Officer (DPO) | Ensuring compliance with data privacy laws within an organization |
| What is two-factor authentication (2FA) | A security process requiring users to verify their identity using two different methods |
| Why is data classification important | To categorize data based on its sensitivity and set appropriate protection levels |
This deck addresses data security concepts, privacy laws, and compliance requirements key to managing sensitive data responsibly.