Page 1255 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

organization, they can compare the original hashes with the hashes of the files the malicious insider sent out. If the hashes are different, it indicates the files are different and may contain hidden messages.


Watermarking

Watermarking is the practice of embedding an image or pattern in paper that isn’t readily perceivable. It is often used with currency to thwart counterfeiting attempts. Similarly, organizations often use watermarking in documents. For example, authors of sensitive documents can mark them with the appropriate classification such as “Confidential” or “Proprietary.” Anyone working with the file or a printed copy of the file will easily see the classification.

From the perspective of egress monitoring, DLP systems can detect the watermark in unencrypted files. When a DLP system identifies sensitive data from these watermarks, it can block the transmission and raise an alert for security personnel. This prevents transmission of the files outside the organization.

An advanced implementation of watermarking is digital watermarking. A digital watermark is a secretly embedded marker in a digital file. For example, some movie studios digitally mark copies of movies sent to different distributors. Each copy has a different mark and the studios track which distributor received which copy. If any of the distributors release pirated copies of the movie, the studio can identify which distributor did so.
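
The per-copy tracking described above, as an added Python example that is not part of the study guide: each distributor's copy carries a distinct mark, and a registry maps marks back to recipients. The least-significant-bit embedding, the HMAC-derived marks, and all names and sample data are assumptions made for illustration.

```python
import hashlib
import hmac

MARK_BITS = 32  # mark length; an assumption for this example

def mark_for(key: bytes, recipient: str) -> int:
    """Derive a per-recipient mark from a secret key so marks are not guessable."""
    digest = hmac.new(key, recipient.encode(), hashlib.sha256).digest()
    return int.from_bytes(digest[:MARK_BITS // 8], "big")

def embed(samples: bytes, mark: int) -> bytes:
    """Store the mark in the least significant bit of the first MARK_BITS samples."""
    if len(samples) < MARK_BITS:
        raise ValueError("carrier too small to hold the mark")
    out = bytearray(samples)
    for i in range(MARK_BITS):
        bit = (mark >> (MARK_BITS - 1 - i)) & 1
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)

def extract(samples: bytes) -> int:
    """Read the mark back out of a copy."""
    mark = 0
    for i in range(MARK_BITS):
        mark = (mark << 1) | (samples[i] & 1)
    return mark

def issue_copies(master: bytes, key: bytes, recipients):
    """Return ({recipient: marked copy}, {mark: recipient}); the second is the tracking registry."""
    copies, registry = {}, {}
    for name in recipients:
        mark = mark_for(key, name)
        if mark in registry:
            raise ValueError("mark collision; use a longer mark")
        registry[mark] = name
        copies[name] = embed(master, mark)
    return copies, registry

def trace(leaked: bytes, registry):
    """Return the recipient whose mark is in the leaked copy, or None if unknown."""
    return registry.get(extract(leaked))

# Constructed sample data: stand-in "pixel" bytes, a demo key, hypothetical recipients.
MASTER = bytes(range(256))
KEY = b"constructed-demo-key"
RECIPIENTS = ["distributor-a", "distributor-b", "distributor-c"]

if __name__ == "__main__":
    copies, registry = issue_copies(MASTER, KEY, RECIPIENTS)
    print(trace(copies["distributor-b"], registry))
```

Because each marked copy differs from the master in a few bits, its hash differs as well, which is the same property the hash comparison earlier on this page relies on.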



Auditing to Assess Effectiveness

Many organizations have strong, effective security policies in place. However, just because the policies are in place doesn’t mean that personnel know about them or follow them. Many times, an organization will want to assess the effectiveness of its security policies and related access controls by auditing the environment.

Auditing is a methodical examination or review of an environment to ensure compliance with regulations and to detect abnormalities, unauthorized occurrences, or crimes. It verifies that the security mechanisms deployed in an environment are providing adequate