CISSP Domain 2 notes- Asset Security
Identifying and Classifying Information & Assets
- Personally Identifiable Information (PII) i.e. any information that can identify an individual — NIST.
- Protected Health Information (PHI) i.e. health-related information — HIPPA
- Proprietary Data i.e software code, product’s technical plans, intellectual property or trade secrets
Data Protection Methods
Data Loss Prevention (DLP) System
Network-based data loss prevention (DLP) systems can scan outgoing data and look for specific keywords and/or data patterns. DLP systems can block these outgoing transmissions.
Endpoint-based data loss prevention (DLP) systems prevents users from copying sensitive data to USB flash drives or sending sensitive data to printers. It can also be configured to scan files to look for keywords and block the copy or print job if it detects those files. DLP is also able to detect keywords within the zipped/compressed files. DLP can also detects unencrypted valuable data i.e., unencrypted credit card numbers in database server and alert this to the security administrator.
Data loss prevention methods prevent unauthorized data loss but do not protect data in use.
Data loss prevention (DLP) systems attempt to detect and block data exfiltration.
Digital Risk Management (DRM)
- DRM License
- Persistent online authentication
- Continuous audit trail
- Automatic expiration
Cloud Access Security Broker (CASB)