Chapter 4

Asset Security

IN THIS CHAPTER

Identifying and classifying information and assets

Establishing information and asset handling requirements

Provisioning information and assets securely

Managing the data life cycle and ensuring appropriate asset retention

Determining data security controls and compliance requirements

The Asset Security domain addresses the collection, classification, handling, and protection of information assets throughout the information life cycle, as well as the management of physical and virtual assets such as servers, endpoints, and network devices. Essential concepts within this domain include data ownership, privacy, data security controls, and support. This domain represents 10 percent of the CISSP certification exam and is composed of the following exam objectives:

2.1 Identify and classify information and assets.
2.2 Establish information and asset handling requirements.
2.3 Provision information and assets securely.
2.4 Manage [the] data life ...

Get CISSP For Dummies, 8th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CISSP For Dummies, 8th Edition by Lawrence C. Miller, Peter H. Gregory

Asset Security

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly