DOMAIN 2Asset Security

TO APPLY AND ENFORCE effective asset security, you must concentrate on inventorying all sources of value, called assets. Assets can be tangible or intangible, existing in the form of information stores, databases, hardware, software, or entire networks.

In this domain, we cover significant elements of strategy to identify, categorize, secure, and monitor those assets throughout the information lifecycle. Although assets can also be buildings and real estate, those are not within the scope of this domain — physical security is substantially addressed in Chapter 7, “Security Operations.” This chapter will focus on the best policies, practices, and methods to properly assure the confidentiality, integrity, and availability ...

Get The Official (ISC)2 CISSP CBK Reference, 6th Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.