Chapter 4

Asset Security

IN THIS CHAPTER

Identifying and classifying information and assets

Establishing information and asset handling requirements

Provisioning resources securely

Managing the data life cycle

Ensuring appropriate asset retention

Determining data security controls and compliance requirements

The Asset Security domain addresses the collection, classification, handling, and protection of information assets throughout the information life cycle, as well as the management of physical and virtual assets such as servers, endpoints, and network devices. Essential concepts within this domain include data ownership, privacy, data security controls, and support. This domain represents 10 percent of the CISSP certification exam.

Identify and Classify Information and Assets

Information and information systems are valuable business assets that require protection from cybersecurity ...

Get CISSP For Dummies, 7th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CISSP For Dummies, 7th Edition by Lawrence C. Miller, Peter H. Gregory

Asset Security

Identify and Classify Information and Assets

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly