Time
33 hours 23 minutes
Difficulty
Beginner
CEU/CPE
33

Video Transcription

00:00
Hello and welcome back to Sai Berries. 2019 comp t A Security plus certification preparation course.
00:09
We're going to tell you our discussion off marginal five. In fact, marginal five is domain fire, and the topic is risk management.
00:19
We have a brand new learning objective,
00:21
which is simply titled 5.8
00:24
and simply States, given a scenario, care out data security and privacy practices
00:31
as mentioned earlier. We have a brain to another objective here again, other sub topics, which encompasses this particular an objective, which we're gonna highlight during the course of this particular video presentation.
00:42
Before we get going, we need to begin by engaging in what we call a pre assessment quiz and a pre assessment careers. Reads as follows. You have purchased a new laptop for yourselves. People
00:55
you plan to dispose of the hard disk drive off the former laptops as part of the company's computer sale.
01:00
Would your following method what you used to properly dispose off the hard drives with you a destruction?
01:07
Be shredding,
01:08
see purging or d formatting?
01:12
In this case, if you see you absolutely correct because Persian what it does, it removes all the data from the hard disk and a data cannot be rebuilt in this case.
01:23
Then we look at data destruction and media sanitization, not data destruction is the prices of screwing data stored on your tapes, your hard disk and other forms of electronic media so they can be completely unreadable and it cannot be. Excess are used for unauthorized purposes.
01:38
Meat of centralization is a process by which data is irreversible. E moved, removed from the media or the media's permanent disc Roy.
01:49
And this brings us to some data destruction and media sensitization. So terms up disposal method as well as I'm going to provide you with a description,
01:57
the 1st 1 we call civilization basic. This process removes all the data from the stores media at the virtual level, the physical media is not harm and can be re purpose
02:07
comedy. Useful software to write random are all zero bits.
02:13
Then we have the ghost basis, employing a strong mandate force applied to the disk drive to remove its magnetic charge on Lee works on magnetic me like a CD, you're dead hard. This, in other words, a physical process of render some media types inoperable. In other words,
02:30
we could also implore Process called straight ing.
02:34
Basically, we have industrial machine where they do this. Slice the device. Other words start advice and too many pieces. It also referred to as papers reading
02:43
pulping breaks shredded paper down and removes the ink.
02:46
Polarising is another process or disposal method. This involves Industri machine. It crushed the stories device. The physical components and data are destroyed as well.
02:55
Another method is burning. Typically, you destroy paper. Records can also be used to sew discord, a storage device as well as its contents.
03:08
We look at wiping, wiping surprise involved the writing characters or random best overall addressable location on media.
03:17
This brings us to a brand again a continuation of our Prem's that dejected, which again we have a brain new objective here, which in fact, is 5.8 here getting some sub topics. We're going to highlight doing this particular video. We're gonna take a look at data sensitivity, labelling and handling ranging from companies Jallet Comfort, confidential
03:37
car but
03:38
public proprietary P I and P H eyes. Well,
03:44
then we look at data system, be labeling and handling. The first day we come across. It's called confidential
03:50
basic this neighbor first to any information that helps an organization maintains a competitive edge.
03:55
Private is information that should stay private within the organization but does not mean meet the definition of confidential data,
04:03
since it is applied to finish. That should be stay private within organization but does not meet the definite accompanied or private data.
04:12
Then we have public
04:14
is for information that is available to any individual outside organizations, such as your websites and brochures.
04:19
But product Tory that basically is company toe has data specific to their operations or intellectual property. It's gonna sit a proprietary
04:30
continuing with that data
04:32
labelling or sensitivity labeling process. We have a term called P I.
04:38
Basis stands for personal, identifiable information. This is any information that can identify individuals such as that name, so security number, date and place of birth.
04:48
PH I stands for protected health information in this case is any health related information that could be related to a specific individual such as health information healthcare provider as well as your health plan.
05:05
We have some additional topics that we're going to highlight doing this particular presentation of video.
05:12
We're still continue our discussion of this this brand new objective with just 5.8. What? We've given a scenario and we had to care about data security and privacy practices.
05:24
So the first woman take a look and turn the role. Is the owner
05:27
basic issues a manager or exacted the ultimate sponsor for the data? The response for Labour and data? The response for ensuring the data is protected by controls, and they select again the data custodians.
05:39
We look at the custodian. They directly managed data on on your basis. They actually apply, technical and chose requested by the owner. And he perform backups and review security settings. Periodically,
05:49
we have our privacy officers basically organizations obligated to keep company data from being leaked and ensure that access of this system allowed clients to only access to their own data. It also facilitates compliance with privacy laws as well as regulations. That's where your privacy also come into play
06:08
now for your users. They're not directly responsible managing data
06:12
but high above the steel responsible. Adhering to the data security policies
06:18
continuing with the objective 5.8 giving a scenario, we'll take a look at data attention as well as illegal and compliance. When you think about data retention is the prices of maintaining the existence off control of a certain data for compliance purposes. Now, data retention is basically taking data for a specific period of time
06:38
organization often required by law to retain certain data for a length of time.
06:44
Then we have legal and compliance.
06:46
It is responsible of organization sure that the data security and privacy practices in the security policy conforms to any Apple laws or regulations.
06:55
Other words p i person identify information, personal, hip protected health information as well. Any absent any Apple laws or regulations organization should show do does it by including recommended standards for data security based on another business practice in a similar industry.
07:13
This brings us to our post assessment quiz, and it reads as follows.
07:17
Which of the following operation should you undertake to avoid mishandling of tapes removal, Dr CDs and DVDs? Is it eight d Galson?
07:27
Be acceptable use? See data labeling or d wiping
07:32
In this case, if you said to see you absolutely correct data labeling policies insurance, other words ensures that the data is labelled, such as confidential, private or public. It's also include how the data is handled and disposed off for all classifications data
07:49
before data can be disposed of, you would need to disco it with a data
07:54
civilization type two.
07:57
So seeing would be the correct response.
07:59
This brings us to our key takeaways. From this particular presentation, we learned that person identify information, any information that can identify individuals such as a name so scary number, date and place of birth.
08:11
We also learned that protected health information is any help related information that could be related to a specific individual, such as a health information Hecker providers help plan life, insurer and so forth.
08:24
We also learned that data retention is a process of maintaining the existence up and control over certain data for compliance purposes.
08:33
We learned that legal compliance is a process or procedures to ensure that organization follows relevant laws, regulations and been his rules
08:43
in our upcoming video will be moving on to a brand new domain and that domain It's 6.0, which is titled Photography and PK I, in fact newest ejected will be taking a look at in the next domain, which is the main six would be title 6.1. Compare and contrast
09:01
basic concepts of photography and again, I look forward to seeing you in a very next video.

Up Next

CompTIA Security+

Interested in the cybersecurity industry? The CompTIA Security+ is the gold standard for those looking to enter the cybersecurity industry. Join thousands of professionals who have gained this certification through this course and launched their careers in information security.

Instructed By

Instructor Profile Image
Jim Hollis
Independent Contractor
Instructor