Compliance and Regulatory Standards Flashcards
Microsoft Security, Compliance, and Identity Fundamentals SC-900 Flashcards
| Front | Back |
| --- | --- |
| Benefits of Microsoft Purview | Helps organizations classify, protect, and govern sensitive data. |
| Difference between Encryption and Tokenization | Encryption obfuscates data using keys, while tokenization replaces it with non-sensitive equivalents. |
| Elements of a risk management framework | Identification, assessment, mitigation, and monitoring. |
| How does Microsoft Azure enable compliance | Offers built-in compliance certifications and tools for data security and governance. |
| How is sensitive data classified | Using tools like Microsoft Purview to automatically detect and label sensitive information. |
| Importance of cybersecurity in compliance | Protects sensitive data and supports regulatory requirements for secure systems. |
| Importance of regulatory compliance | Ensures organizations meet legal and ethical standards, avoiding fines and reputational damage. |
| Key focus areas of SOC 2 | Privacy, security, availability, processing integrity, and confidentiality. |
| Key principles of GDPR | Lawfulness, fairness, transparency, data minimization, accuracy, storage limitation, integrity and confidentiality. |
| Microsoft solution for GDPR compliance | Microsoft Compliance Manager with built-in tools for assessments and audits. |
| Name a tool for monitoring compliance | Microsoft Compliance Manager for tracking and improving compliance posture. |
| Purpose of audit logs in compliance | Tracks user activity and system changes to support investigations and monitoring. |
| Purpose of HIPAA | To safeguard medical information and set standards for handling health data. |
| Purpose of PCI DSS | Ensures secure handling of payment card information. |
| Role of ISO 27001 in compliance | Provides an international standard for Information Security Management Systems (ISMS). |
| Role of Microsoft Defender in compliance | Provides advanced threat protection and security for user data. |
| What does HIPAA stand for | Health Insurance Portability and Accountability Act. |
| What does SOC stand for in SOC 2 | System and Organization Controls for safeguarding data. |
| What is a compliance framework | A structured set of guidelines and best practices for managing and mitigating risks. |
| What is a Data Loss Prevention (DLP) policy | A system to identify and protect sensitive data from unauthorized access or sharing. |
| What is CCPA | California Consumer Privacy Act focused on data privacy for California residents. |
| What is GDPR | General Data Protection Regulation focused on protecting personal data of EU citizens. |
| What is meant by regulatory standards | Legal requirements that organizations need to meet within specific industries or regions. |
| What is the right to be forgotten in GDPR | Allows individuals to request deletion of their personal data. |
| Who enforces GDPR compliance | Enforced by Data Protection Authorities (DPAs) in each EU member state. |
This deck explains compliance frameworks, regulations like GDPR, and how Microsoft solutions help organizations meet compliance requirements.