Module 2: Data Loss Prevention and Mobile Endpoint Protection

by
Contents hide
1 INTRODUCTION – Data Loss Prevention and Mobile Endpoint Protection
2 DATA SECURITY AND PROTECTION KNOWLEDGE CHECK
3 MOBILE ENDPOINT PROTECTION KNOWLEDGE CHECK
4 DATA LOSS PREVENTION AND MOBILE ENDPOINT PROTECTION GRADED ASSESSMENT
5 CONCLUSION – Data Loss Prevention and Mobile Endpoint Protection
Spread the love

INTRODUCTION – Data Loss Prevention and Mobile Endpoint Protection

In this complete module, you will probe into the critical topics of data loss prevention tools, their essential risks, and the strategic management of mobile endpoints. Careful analysis of these subjects will provide you with insight into securing sensitive information, threatening mitigation, and enhancing the security posture of mobile devices in organizations.

This module gives you the foundation and building blocks to embark on the confident and skillful handling of the highly complex dynamics of data and endpoint management.

Objectives of Learning View:

  • Manage Security of Mobile Endpoints with IBM MaaS360
  • Describe daily management of mobile endpoints
  • Discuss security available tools for mobile endpoints
  • Describe basic mobile endpoint vulnerabilities
  • Explain Guardium as an example of a data protection product
  • List the critical data protection solution capabilities divided into 12
  • Describe industry-specific data protection challenges
  • Discuss general pitfalls in data security
  • Describe general data security challenges.

DATA SECURITY AND PROTECTION KNOWLEDGE CHECK

1. A student’s grades should be visible to that student when she logs in to her university account. Her ability to see her grades is an example of which aspect of the CIA Triad?

  • Authorization
  • Integrity
  • Confidentiality
  • Availability (CORRECT)

2. A university has implemented practices that ensure all student data are encrypted while stored on university servers. Which aspect of the CIA Triad does this practice support?

  • Availability
  • Authorization
  • Confidentiality (CORRECT)
  • Integrity

3. The Student Portal of a university issues a confirmation code with a hash value each time a student submits an assignment using the portal. This is an example of which aspect of the CIA Triad?

  • Confidentiality
  • Availability
  • Integrity (CORRECT)
  • Authorization

4. True or False. An organization has “air gapped” its small network of critical data servers so they are accessible internally but not to any external system. These systems are now safe from a deliberate attack.

  • True
  • False (CORRECT)

5. C-level executives face 4 challenges when assuring their organizations maintain a comprehensive, workable data security solution. The proliferation of smartphones used for work would impact which two (2) of these concerns the most? (Select 2)

  • A cybersecurity skills shortage
  • Explosive data growth (CORRECT)
  • Operational complexity
  • New privacy regulations (CORRECT)

6. True or False. An organization is subject to both GDPR and PCI-DSS data security regulations and has dedicated all of its efforts in remaining in compliance with these 2 sets of regulations. They are correct in believing that their data is safe.

  • True
  • False (CORRECT)

7. True or False. A newly hired CISO made the right choice when he moved the Known Vulnerabilities list to a high priority for his team to resolve even though none of these had ever been exploited on the company’s network to-date.

  • True (CORRECT)
  • False

8. All industries have their own unique data security challenges. Which of these industries has a particular concern with HIPAA compliance and the highest cost per breached record?

  • Retail
  • Financial
  • Transportation
  • Healthcare (CORRECT)

9. All industries have their own unique data security challenges. Which of these industries has a particular concern with being targeted more than any other by cybercriminals “because that is where the money is”?

  • Financial (CORRECT)
  • Healthcare
  • Transportation
  • Retail

10. Which three (3) of these are among the top 12 capabilities that a good data security and protection solution should provide? (Select 3)

  • Data discovery (CORRECT)
  • Role based access control
  • Data risk analysis (CORRECT)
  • Blocking, masking and quarantining (CORRECT)

Partially correct!

11. Parsing discovered data against known patterns or key words is a process known as what?

  • Data risk analysis
  • Data classification (CORRECT)
  • Vulnerability assessment
  • Data discovery

12. Which data protection process takes data activity monitoring output and uses it to generate insights about threats?

  • Data classification
  • Active analytics (CORRECT)
  • Data discovery
  • Vulnerability assessment

13. True or False. The IBM Guardium administrator needs to be someone with the highest level of access to the data being protected?

  • True
  • False (CORRECT)

MOBILE ENDPOINT PROTECTION KNOWLEDGE CHECK

1. Which mobile operating system runs the majority of smartphones today?

  • iOS
  • Android (CORRECT)
  • Blackberry
  • Windows

2. Which mobile operating system runs approximately 60% of tablet computers worldwide?

  • iOS (CORRECT)
  • Blackberry
  • Windows
  • Android

3. True or False. Security is enhanced on iOS mobile devices because users typically cannot interact directly with the operating system.

  • True (CORRECT)
  • False

4. Which statement best describes the use of anti-virus software on mobile devices?

  • Mobile devices provide native security that makes additional anti-virus software unnecessary.
  • Antivirus software is very effective on mobile devices because it can inspect the data that is associated with each app that is running.
  • Antivirus software can “see” the apps that are running on a mobile device but cannot see the data that is associated with each app. (CORRECT)
  • Antivirus software is very effective on mobile devices because it can inspect the data that is associated with each app but only while the app is not running.

5. Which type of threat is Jailbreaking?

  • External
  • System based (CORRECT)
  • Internal
  • App based

DATA LOSS PREVENTION AND MOBILE ENDPOINT PROTECTION GRADED ASSESSMENT

1. Which mobile operating system was originally based on the Linux kernel?

  • Android (CORRECT)
  • Blackberry
  • Windows
  • iOS

2. Which two (2) mobile operating combined dominate the vast majority of the smartphone market? (Select 2)

  • iOS (CORRECT)
  • Windows
  • Blackberry
  • Android (CORRECT)

Partially correct!

3. True or False. Security is enhanced on Android mobile devices because users interact directly with the operating system.

  • True
  • False (CORRECT)

4. What is one limitation to the operation of anti-virus software running on mobile devices?

  • Mobile devices provide native security that makes additional anti-virus software unnecessary.
  • Antivirus software is very effective on mobile devices because it can inspect the data that is associated with each app but only while the app is not running.
  • Antivirus software must be granted permission to inspect each app on a device.
  • Antivirus software can “see” the apps that are running on a mobile device but cannot see the data that is associated with each app. (CORRECT)

5. On a mobile device, which type of threat is a phishing scam?

  • External
  • Internal
  • App based (CORRECT)
  • System based

6. A university uses clustered servers to make sure students will always be able to submit their assignments even if one server is down for maintenance. Server clustering enables which aspect of the CIA Triad?

  • Confidentiality
  • Availability (CORRECT)
  • Integrity
  • Authorization

7. A university has enabled WPA2 encryption on its WiFi systems throughout the campus. Which aspect of the CIA Triad is directly supported by this action?

  • Integrity
  • Confidentiality (CORRECT)
  • Availability
  • Authorization

8. A student can see her grades via her school’s Student Portal but is unable to change them. This restriction is in support of which aspect of the CIA Triad?

  • Confidentiality
  • Integrity (CORRECT)
  • Authorization
  • Availability

9. True or False. An operator who corrupts data by mistake is considered an “inadvertent attack” that should be considered when developing data protection plans.

  • True (CORRECT)
  • False

10. C-level executives face 4 challenges when assuring their organizations maintain a comprehensive and workable data security solution. GDPR, CCPA, and PCC-DSS are concerned with which one of these challenges?

  • A cybersecurity skills shortage
  • Operational complexity
  • Explosive data growth
  • New privacy regulations (CORRECT)

11. True of False. A biotech research company with a very profitable product line has grown so rapidly it has acquired a marketing company, a small IT services company and a company that specializes in pharmaceutical manufacturing and distribution.  The CEO of the parent company made a good decision when he decided not to consolidate all data security under a single CISO, believing that each of the new divisions understands its own data security needs better than the parent company possibly could.

  • True
  • False (CORRECT)

12. Which three (3) of these are among the 5 common pitfalls of data security? (Select 3)

  • Healthcare
  • Transportation (CORRECT)
  • Retail
  • Financial

13. All industries have their own unique data security challenges. Which of these industries has a particular concern with a widely distributed IT infrastructure that must provide services across a multiple government jurisdictions while not violating the privacy concerns of its users?

  • Healthcare
  • Transportation (CORRECT)
  • Retail
  • Financial

14. Which three (3) of these are among the top 12 capabilities that a good data security and protection solution should provide? (Select 3)

  • Encryption (CORRECT)
  • Data classification (CORRECT)
  • Incident management
  • Data and file monitoring (CORRECT)

Partially correct!

15. Which is the data protection process that addresses inappropriate privileges, insecure authentication methods, account sharing, configuration files and missing security patches?

  • Data risk analysis
  • Vulnerability assessment (CORRECT)
  • Data classification
  • Data discovery

16. Which data protection process substitutes key data with a token that is issued by a trusted third-party where the token can be accessed but not redeemed by an untrusted party?

  • Data classification
  • Data discovery
  • Tokenization (CORRECT)
  • Substitution

17. IBM Guardium provides heterogeneous data source support. This support results in which capability?

  • Each data repository can maintain a unique security policy
  • Similar security capabilities can be applied to different types of data repositories (CORRECT)
  • Different security policies can be applied against data of the same type
  • There is support for both structure and unstructured data sources

CONCLUSION – Data Loss Prevention and Mobile Endpoint Protection

In summary, totally master the concepts in this module and you will see an organization which will be able to keep the integrity and security of data assets while managing mobile endpoints easily.

By mastering data-loss prevention tools, risks involved, and sound mobile endpoint management strategies, professionals will be greatly ahead in preventing breaches and compliance violations. This kind of education enables people to follow the rapidly changing security landscape with keen eyes and all the flexibility that the current digital world affords while making even more robust defenses for their organization.

Leave a Comment