Bash, the Crucial Exams Chat Bot
AI Bot
Compliance and Regulatory Standards Flashcards
Microsoft Security, Compliance, and Identity Fundamentals SC-900 Flashcards
| Front | Back |
| Benefits of Microsoft Purview | Helps organizations classify, protect, and govern sensitive data. |
| Difference between Encryption and Tokenization | Encryption obfuscates data using keys, while tokenization replaces it with non-sensitive equivalents. |
| Elements of a risk management framework | Identification, assessment, mitigation, and monitoring. |
| How does Microsoft Azure enable compliance | Offers built-in compliance certifications and tools for data security and governance. |
| How is sensitive data classified | Using tools like Microsoft Purview to automatically detect and label sensitive information. |
| Importance of cybersecurity in compliance | Protects sensitive data and supports regulatory requirements for secure systems. |
| Importance of regulatory compliance | Ensures organizations meet legal and ethical standards, avoiding fines and reputational damage. |
| Key focus areas of SOC 2 | Privacy, security, availability, processing integrity, and confidentiality. |
| Key principles of GDPR | Lawfulness, fairness, transparency, data minimization, accuracy, storage limitation, integrity and confidentiality. |
| Microsoft solution for GDPR compliance | Microsoft Compliance Manager with built-in tools for assessments and audits. |
| Name a tool for monitoring compliance | Microsoft Compliance Manager for tracking and improving compliance posture. |
| Purpose of audit logs in compliance | Tracks user activity and system changes to support investigations and monitoring. |
| Purpose of HIPAA | To safeguard medical information and set standards for handling health data. |
| Purpose of PCI DSS | Ensures secure handling of payment card information. |
| Role of ISO 27001 in compliance | Provides an international standard for Information Security Management Systems (ISMS). |
| Role of Microsoft Defender in compliance | Provides advanced threat protection and security for user data. |
| What does HIPAA stand for | Health Insurance Portability and Accountability Act. |
| What does SOC stand for in SOC 2 | System and Organization Controls for safeguarding data. |
| What is a compliance framework | A structured set of guidelines and best practices for managing and mitigating risks. |
| What is a Data Loss Prevention (DLP) policy | A system to identify and protect sensitive data from unauthorized access or sharing. |
| What is CCPA | California Consumer Privacy Act focused on data privacy for California residents. |
| What is GDPR | General Data Protection Regulation focused on protecting personal data of EU citizens. |
| What is meant by regulatory standards | Legal requirements that organizations need to meet within specific industries or regions. |
| What is the right to be forgotten in GDPR | Allows individuals to request deletion of their personal data. |
| Who enforces GDPR compliance | Enforced by Data Protection Authorities (DPAs) in each EU member state. |
Front
Key focus areas of SOC 2
Click the card to flip
Back
Privacy, security, availability, processing integrity, and confidentiality.
Front
Elements of a risk management framework
Back
Identification, assessment, mitigation, and monitoring.
Front
What is a Data Loss Prevention (DLP) policy
Back
A system to identify and protect sensitive data from unauthorized access or sharing.
Front
What is the right to be forgotten in GDPR
Back
Allows individuals to request deletion of their personal data.
Front
Purpose of audit logs in compliance
Back
Tracks user activity and system changes to support investigations and monitoring.
Front
Name a tool for monitoring compliance
Back
Microsoft Compliance Manager for tracking and improving compliance posture.
Front
What does HIPAA stand for
Back
Health Insurance Portability and Accountability Act.
Front
Role of ISO 27001 in compliance
Back
Provides an international standard for Information Security Management Systems (ISMS).
Front
What is CCPA
Back
California Consumer Privacy Act focused on data privacy for California residents.
Front
What is meant by regulatory standards
Back
Legal requirements that organizations need to meet within specific industries or regions.
Front
Key principles of GDPR
Back
Lawfulness, fairness, transparency, data minimization, accuracy, storage limitation, integrity and confidentiality.
Front
Importance of cybersecurity in compliance
Back
Protects sensitive data and supports regulatory requirements for secure systems.
Front
Microsoft solution for GDPR compliance
Back
Microsoft Compliance Manager with built-in tools for assessments and audits.
Front
How is sensitive data classified
Back
Using tools like Microsoft Purview to automatically detect and label sensitive information.
Front
Role of Microsoft Defender in compliance
Back
Provides advanced threat protection and security for user data.
Front
What is GDPR
Back
General Data Protection Regulation focused on protecting personal data of EU citizens.
Front
What is a compliance framework
Back
A structured set of guidelines and best practices for managing and mitigating risks.
Front
Importance of regulatory compliance
Back
Ensures organizations meet legal and ethical standards, avoiding fines and reputational damage.
Front
Benefits of Microsoft Purview
Back
Helps organizations classify, protect, and govern sensitive data.
Front
How does Microsoft Azure enable compliance
Back
Offers built-in compliance certifications and tools for data security and governance.
Front
Who enforces GDPR compliance
Back
Enforced by Data Protection Authorities (DPAs) in each EU member state.
Front
Purpose of PCI DSS
Back
Ensures secure handling of payment card information.
Front
Purpose of HIPAA
Back
To safeguard medical information and set standards for handling health data.
Front
Difference between Encryption and Tokenization
Back
Encryption obfuscates data using keys, while tokenization replaces it with non-sensitive equivalents.
Front
What does SOC stand for in SOC 2
Back
System and Organization Controls for safeguarding data.
1/25
This deck explains compliance frameworks, regulations like GDPR, and how Microsoft solutions help organizations meet compliance requirements.