Waste Disposal
Know the most common issues related to disposal or erasure of data.
One of the classic computer crimes reported in the literature involved a person gaining accounts and passwords to get into a computer system, and instructions on how to compromise it, by going through a telephone company's waste bins. (This often is called dumpster diving.) Similar incidents have involved statistical and taxation data. The security and control principle here is that discarded listings, media, and anything else containing data or information remain sensitive (if they were in the first place). Control on disposal is necessary.
Classified wastes should be
Stored in separate containers
Collected frequently, by security-cleared personnel
Retained in a ...
Get CISSP Training Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.