Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
22 Cards in this Set
- Front
- Back
confidentiality
|
sensitive company information is protected by unauthorized disclosure
|
|
1. business plans
2. legal documents 3. pricing strategies 4. customer lists |
sensitive company information
|
|
1. transmitted
2. stored 3. disposed |
controls must be in place for data when it is: (3)
|
|
strong authentication and authorization controls
|
when data is stored - needs
|
|
shredding
|
when data is disposed of - needs
|
|
encryption
|
transforming normal content into gibberish cipher
|
|
decryption
|
transforming cipher text back into plain text
|
|
1. key
2. algorithm |
needed to encrypt/decrypt:
|
|
virtual private network
|
encrypting documents and sending out via. secure internet
|
|
1. email
2. cell phones |
threats to confidentiality
|
|
privacy
|
keep personal data collected about customers secure
|
|
GAPP - generally accepted privacy principles
|
trust services framework identified 10 best practices
|
|
1. management
2. notice 3. choice and consent 4. collection of data 5. use and retention 6. access 7. disclosure to third parties 8. security 9. quality 10. monitoring/enforcement |
10 GAPP Principles
|
|
opt in
|
companies cannot collect personal data unless you give consent; europe
|
|
opt out
|
companies can collect your personal info unless specifically declined; united states
|
|
access
|
1/10 gapp - orgs should provide mechanisms for customers to review/update/delete the personal data stored about them
|
|
key
|
string of binary digits of a fixed length
|
|
algorithm
|
formula that combines the key and text
|
|
1 symmetric encryption
2 asymmetric encryption |
two types of encryption schemes
|
|
symmetric encryption
|
same key is used to encrypt/decrypt text
|
|
asymmetric encryption
|
2 different keys to encrypt/decrypt text; use public/private key
|
|
1. need a secure way to share the key with other parties
2. need a secure symmetric key that is unique to each participant |
problems with symmetric encryption
|