D320 80 Question Version (JYO2)
A process that assesses and identifies
Business Impact Analysis (BIA) the potential effects of disruptions to a
business operation.
A component or system that, if it fails, will
SPOF
cause the entire system to fail.
Risk assessment that uses specific nu-
Quantitative
merical values
Risk assessment that uses non-numeri-
Qualitative cal categories that are relative in nature,
such as high, medium, and low.
level, amount, or type of risk that the
Risk appetite
organization finds acceptable
The remaining risk that exists after coun-
Residual risk
termeasures have been applied.
Service model where cloud customer
has the most responsibility and authority.
Cloud provider is only liable for the un-
derlying hardware.
IaaS
Service model where cloud customer
loses more control because the cloud
provider is responsible for installing,
maintaining, and administering the OS
as well as underlying hardware.
PaaS
,D320 80 Question Version (JYO2)
Service model where cloud customer
loses all control of the environment.
Cloud provider is responsible for all of the
underlying hardware and software.
SaaS
A method of processing data in the cloud
Homomorphic encryption
while it remains encrypted.
A security strategy that involves imple-
menting multiple overlapping layers of
Defense in depth
security measures to protect an environ-
ment.
Organization that has collected or creat-
Data owner
ed the data.
Person or entity that is tasked with the
Data Custodian daily maintenance and administration of
the data.
Any org or person who manipulates,
Data Processor stores, or moves the data on behalf of the
data owner
The process of creating an inventory or
Data discovery conducting e-discovery to identify and lo-
cate data.
A data discovery method that is aided by
Label-based discovery
labels created by the data owner.
A data discovery method that involves
Metadata-based discovery discovering data using metadata traits
and characteristics.
Refers to finding information or re-
Content-based discovery
sources based on their characteristics,
, D320 80 Question Version (JYO2)
attributes, or content rather than relying
on predefined keywords or categories.
Data that is organized and formatted in a
Structured data way that is easily searchable and can be
processed by computers.
qualitative data; natural-language text;
incorporate media (audio, video, im-
ages); contains JSON, XML, binary ob-
Unstructured data
jects (images encoded as text strings);
important for data analytic strategies;
noSQL
A set of controls and technologies used
to protect certain types of assets, such
IRM (Information Rights Management)
as intellectual property or sensitive infor-
mation.
Legal protection for expressions of ideas,
Copyright such as literary, artistic, or musical
works.
Legislation that provides additional pro-
DMCA (Digital Millennium Copyright Act) tections for creative works in digital for-
mats.
Legal protection for specific words,
Trademarks phrases, symbols, or designs that distin-
guish a product or service.
A grant of exclusivity that gives the holder
Patent the right to produce, sell, and import an
invention.
A framework for secure communication
using cryptographic techniques, such as
PKI (Public Key Infrastructure)
digital certificates and public-private key
pairs.
A method of storing data as files and
File-based storage folders, similar to how data is organized
on a traditional file system.
A process that assesses and identifies
Business Impact Analysis (BIA) the potential effects of disruptions to a
business operation.
A component or system that, if it fails, will
SPOF
cause the entire system to fail.
Risk assessment that uses specific nu-
Quantitative
merical values
Risk assessment that uses non-numeri-
Qualitative cal categories that are relative in nature,
such as high, medium, and low.
level, amount, or type of risk that the
Risk appetite
organization finds acceptable
The remaining risk that exists after coun-
Residual risk
termeasures have been applied.
Service model where cloud customer
has the most responsibility and authority.
Cloud provider is only liable for the un-
derlying hardware.
IaaS
Service model where cloud customer
loses more control because the cloud
provider is responsible for installing,
maintaining, and administering the OS
as well as underlying hardware.
PaaS
,D320 80 Question Version (JYO2)
Service model where cloud customer
loses all control of the environment.
Cloud provider is responsible for all of the
underlying hardware and software.
SaaS
A method of processing data in the cloud
Homomorphic encryption
while it remains encrypted.
A security strategy that involves imple-
menting multiple overlapping layers of
Defense in depth
security measures to protect an environ-
ment.
Organization that has collected or creat-
Data owner
ed the data.
Person or entity that is tasked with the
Data Custodian daily maintenance and administration of
the data.
Any org or person who manipulates,
Data Processor stores, or moves the data on behalf of the
data owner
The process of creating an inventory or
Data discovery conducting e-discovery to identify and lo-
cate data.
A data discovery method that is aided by
Label-based discovery
labels created by the data owner.
A data discovery method that involves
Metadata-based discovery discovering data using metadata traits
and characteristics.
Refers to finding information or re-
Content-based discovery
sources based on their characteristics,
, D320 80 Question Version (JYO2)
attributes, or content rather than relying
on predefined keywords or categories.
Data that is organized and formatted in a
Structured data way that is easily searchable and can be
processed by computers.
qualitative data; natural-language text;
incorporate media (audio, video, im-
ages); contains JSON, XML, binary ob-
Unstructured data
jects (images encoded as text strings);
important for data analytic strategies;
noSQL
A set of controls and technologies used
to protect certain types of assets, such
IRM (Information Rights Management)
as intellectual property or sensitive infor-
mation.
Legal protection for expressions of ideas,
Copyright such as literary, artistic, or musical
works.
Legislation that provides additional pro-
DMCA (Digital Millennium Copyright Act) tections for creative works in digital for-
mats.
Legal protection for specific words,
Trademarks phrases, symbols, or designs that distin-
guish a product or service.
A grant of exclusivity that gives the holder
Patent the right to produce, sell, and import an
invention.
A framework for secure communication
using cryptographic techniques, such as
PKI (Public Key Infrastructure)
digital certificates and public-private key
pairs.
A method of storing data as files and
File-based storage folders, similar to how data is organized
on a traditional file system.
