
Asset Security – Second CISSP Objective
Asset Security has six objectives that are covered in the CISSP exam. 10% of the exam questions come from the Asset Security domain.
- Classifying organizational information and its supporting assets is the first objective of Asset Security. You must be able to make classification decisions on organizational information and identify its critical and sensitive assets.
- Assigning appropriate roles and determining asset ownership is the second objective of Asset Security. It covers why identifying the different roles, such as system, business or data owners, is critical to an organization’s Asset Security.
- This objective establishes privacy protection and identifies the roles of data owners, data processors, and data stewards. It covers who should and should not be able to access information, how to restrict access to reduce risk, and how to handle data remanence issues.
- Designing and implementing retention policies to cover personnel, hardware, media and data.
- You must know how to apply controls to secure your organization’s offline and online data, and must be able to apply security baseline techniques, cryptography and other security measures defined accordingly.
- The sixth and last objective requires you to design and implement information handling requirements. You should know how to label and store sensitive information and how to appropriately discard information that is no longer needed.