CISSP Domain 2 notes- Asset Security

Study Guide 9th Edition

K O M A L
4 min readNov 12, 2022

Chapter 5

Identifying and Classifying Information & Assets

  • Personally Identifiable Information (PII) i.e. any information that can identify an individual — NIST.
  • Protected Health Information (PHI) i.e. health-related information — HIPPA
  • Proprietary Data i.e software code, product’s technical plans, intellectual property or trade secrets
https://www.jetico.com/blog/how-protect-all-3-states-data-use-transit-and-rest

Data Protection Methods

Data Loss Prevention (DLP) System

Network-based data loss prevention (DLP) systems can scan outgoing data and look for specific keywords and/or data patterns. DLP systems can block these outgoing transmissions.

Endpoint-based data loss prevention (DLP) systems prevents users from copying sensitive data to USB flash drives or sending sensitive data to printers. It can also be configured to scan files to look for keywords and block the copy or print job if it detects those files. DLP is also able to detect keywords within the zipped/compressed files. DLP can also…

--

--