











Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
An overview of various data protection and cryptography techniques used to secure sensitive information. It covers topics such as data ownership, data states, protective measures, and different cryptographic methods like encryption, hashing, masking, and tokenization. The document also discusses data sovereignty laws, access restrictions, and data loss prevention systems. It delves into the details of symmetric and asymmetric encryption, including algorithms like diffie-hellman, rsa, and elliptic curve cryptography (ecc). Additionally, it explores variants of ecc, such as ecdh, ecdhe, and ecdsa, as well as hashing techniques and their associated concepts like key stretching and salting. This comprehensive guide offers valuable insights into the complex world of data security and the tools and strategies employed to protect sensitive information.
Typology: Exams
1 / 19
This page cannot be seen from the preview
Don't miss anything!












Data Classification - Solution Based on the value to the organization and the sensitivity of the information, determined by the data owner Sensitive Data - Solution • Information that can result in the loss of security or competitive advantage for a company
Data Controller - Solution Entity responsible for determining data storage, collection and usage purposes and methods, ensuring the legality of these processes within responsibility Data Processor - Solution A group or individual hired by the data controller to assist with tasks like data collection and processing Data Steward - Solution Focuses on data quality and metadata, appropriate labeling and classification, often working under the data owner Data Custodian - Solution Responsible for managing the systems on which data assets are stored, including enforcing access control, encryption, and backup measures, example: system administrator Privacy Officer - Solution • Oversees privacy-related data, personally identifiable information (PII), sensitive personal information (SPI), protected health information (PHI), ensuring compliance with legal and regulatory frameworks
Key - Solution • Essential piece of information that determine the output of a cipher
How can "Pass the Hash Attack" be mitigated? - Solution • Ensure trusted OS
Public Key Cryptography - Solution • Refers to the encryption and decryption process using public and private keys
Blockchain - Solution • Shared immutable ledger for transactions and asset tracking