CHAPTER 2

Asset Security

This domain includes questions from the following topics:

•   Information life cycle

•   Information classification and protection

•   Information ownership

•   Protection of privacy

•   Information retention

•   Data security controls

•   Data handling requirements

While Domain 1 sets the stage for the basis of how security programs should be constructed and managed, the point of security programs is entirely to protect the assets identified as critical to the enterprise. To do this effectively—and especially cost effectively—one has to understand the nature of what needs to be protected, why it needs to be protected, and how to protect it. Domain 2 focuses on understanding which information assets need to be protected ...

Get CISSP Practice Exams, Fifth Edition, 5th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.