Security controls can be organized into three types: tec_________, ope___________, and man___________.

Technical control types include the many technologies used to protect assets. This includes encryption, authentication systems, and others.

The principle of least priv____________ is a security concept in which a user is only granted the minimum level of access and authorization required to complete a task or function.

The data lif_____________ is an important model that security teams consider when protecting information. It influences how they set policies that align with business objectives. It also plays an important role in the technologies security teams use to make information accessible.

In general, the data lifecycle has five stages. Each describe how data flows through an organization from the moment it is created until it is no longer useful:

col______ sto______ us______ arc______ des______

Data gove_________ is a set of processes that define how an organization manages information. gove_________ often includes policies that specify how to keep data private, accurate, available, and secure throughout its lifecycle.

Effective data governance is a collaborative activity that relies on people. Data governance policies commonly categorize individuals into a specific role:

Data ow__________: the person that decides who can access, edit, use, or destroy their information.

Data cus_________: anyone or anything that's responsible for the safe handling, transport, and storage of information.

Data ste__________: the person or group that maintains and implements data governance policies set by an organization.

p___ is any information used to infer an individual's identity. Personally identifiable information and refers to information that can be used to contact or locate someone.