Security, Privacy, and Compliance in Data Flashcards
CompTIA DataX DY0-001 (V1) Flashcards

| Front | Back |
| --- | --- |
| Define data anonymization | The process of removing or encrypting identifiable information from datasets |
| Define data masking | A technique to obscure data, making it inaccessible to unauthorized users |
| Define endpoint security | Measures taken to secure devices connected to a network, such as laptops or mobile phones |
| Define security patches | Updates to software fixing vulnerabilities or improving security |
| Name one common privacy law | GDPR or CCPA |
| What are cookies in the context of privacy | Small text files that websites store on users' devices to track browsing activity |
| What are the penalties for violating GDPR | Fines up to €20 million or 4% of annual global turnover |
| What does "data retention policy" mean | Guidelines for how long data should be stored before deletion |
| What does GDPR stand for | General Data Protection Regulation |
| What does HIPAA regulate | Health Insurance Portability and Accountability Act, focused on securing healthcare data |
| What is a data breach | An incident where sensitive data is accessed or disclosed without authorization |
| What is an intrusion detection system (IDS) | A tool or software designed to detect unauthorized access or threats to a network |
| What is backup and recovery in data security | Storing copies of data to restore it after accidental loss or breaches |
| What is CCPA | California Consumer Privacy Act, a privacy law in California to protect consumer data |
| What is compliance in the context of data security | Adhering to laws, regulations, and standards governing data use and protection |
| What is data encryption | The process of converting data into a coded format to prevent unauthorized access |
| What is multi-factor authentication (MFA) | Using two or more verification methods to enhance login security |
| What is phishing | A fraudulent attempt to obtain sensitive information by impersonating a trustworthy entity |
| What is PII | Personally Identifiable Information used to identify an individual |
| What is ransomware | Malicious software that locks or encrypts data until a ransom is paid |
| What is the CIA triad in data security | Confidentiality, Integrity, Availability |
| What is the function of role-based access control | Assigning user permissions based on their role in an organization |
| What is the principle of least privilege | Giving users the minimum access necessary to perform their tasks |
| What is the purpose of audit logs | Tracking and recording user activities for accountability and review |
| What is the purpose of firewalls | To block unauthorized access to networks while permitting legitimate communication |
| What is the role of a Data Protection Officer (DPO) | Ensuring compliance with data privacy laws within an organization |
| What is two-factor authentication (2FA) | A security process requiring users to verify their identity using two different methods |
| Why is data classification important | To categorize data based on its sensitivity and set appropriate protection levels |
About the Flashcards
Flashcards for the CompTIA DataX exam focus on core data privacy and security terminology students need to master. Cards cover encryption, multi-factor authentication, personally identifiable information (PII), data anonymization and masking, common threats such as phishing and ransomware, and the fundamentals of data breaches.
The deck also reviews governance, compliance, and security controls: GDPR, CCPA, HIPAA, penalties, Data Protection Officer responsibilities, audit logs, the CIA triad, access models (least privilege, role-based), firewalls and intrusion detection systems, endpoint security, data retention and backup, and security patches. Use the cards to review definitions, reinforce key concepts, and practice recall for exam questions.
Topics covered in this flashcard deck:
- Data encryption and masking
- Authentication and access control
- Privacy laws and compliance
- Phishing and ransomware threats
- Data retention and backup
- Audit logs and governance