Page 320 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
demanded victims pay a ransom between $300 and $600.
Even though it spread quickly and infected so many computers, it
wasn’t a success for the criminals. Reports indicate the number of
ransoms paid was relatively small compared to the number of
systems infected. The good news here is that most organizations
are learning the value of their data. Even if they get hit by a
ransomware attack, they have reliable backups of the data,
allowing them to quickly restore it.
Understanding Data States
It’s important to protect data in all data states, including while it is at
rest, in motion, and in use.
Data at Rest: Data at rest is any data stored on media such as system
hard drives, external USB drives, storage area networks (SANs), and
backup tapes.
Data in Transit: Data in transit (sometimes called data in motion) is
any data transmitted over a network. This includes data transmitted
over an internal network using wired or wireless methods and data
transmitted over public networks such as the internet.
Data in Use: Data in use refers to data in memory or temporary
storage buffers, while an application is using it. Because an application
can’t process encrypted data, it must decrypt it in memory.
The best way to protect the confidentiality of data is to use strong
encryption protocols, discussed later in this chapter. Additionally,
strong authentication and authorization controls help prevent
unauthorized access.
As an example, consider a web application that retrieves credit card
data for quick access and reuse with the user’s permission for an
e-commerce transaction. The credit card data is stored on a separate
database server and is protected while at rest, while in motion, and
while in use.
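The at-rest and in-use states from the credit card scenario above, as an added Go sketch that is not part of the study guide: the record written to storage is AES-256-GCM ciphertext, and the plaintext exists only in a memory buffer while the application uses it. The function names, the demo key and the test card number are assumptions constructed for this example; protection in transit is not shown.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealAtRest returns nonce||ciphertext||tag, the only form written to storage.
func SealAtRest(aead cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// UseInMemory decrypts a record, lends the plaintext to fn, then zeroes the buffer.
func UseInMemory(aead cipher.AEAD, record []byte, fn func(plain []byte)) error {
	n := aead.NonceSize()
	if len(record) < n {
		return fmt.Errorf("truncated record")
	}
	plain, err := aead.Open(nil, record[:n], record[n:], nil)
	if err != nil {
		return err // wrong key or modified record
	}
	fn(plain)
	for i := range plain { // best-effort wipe of the decrypted copy
		plain[i] = 0
	}
	return nil
}

func main() {
	key := make([]byte, 32) // constructed demo key, not a managed production key
	rand.Read(key)
	aead, _ := NewAEAD(key)
	rec, _ := SealAtRest(aead, []byte("4111111111111111")) // constructed test number
	UseInMemory(aead, rec, func(p []byte) { fmt.Printf("%d bytes stored, last four %s\n", len(rec), p[len(p)-4:]) })
}
```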
Database administrators take steps to encrypt sensitive data stored on
the database server (data at rest). For example, they would encrypt

