CISSP Official Practice Tests by Mike Chapple, David Seidl

Chapter 2 ■ Asset Security (Domain 2) 43


C. It is more expensive than new media and may still fail.
D. Clearing is required first.


  1. Incineration, crushing, shredding, and disintegration all describe what stage in the
    lifecycle of media?
    A. Sanitization
    B. Degaussing
    C. Purging
    D. Destruction

  2. The European Union (EU) General Data Protection Regulation (GDPR) does not include
    which of the following key elements?
    A. The need to collect information for specified, explicit, and legitimate purposes
    B. The need to ensure that collection is limited to the information necessary to achieve
    the stated purpose
    C. The need to protect data against accidental destruction
    D. The need to encrypt information at rest

  3. Why might an organization use unique screen backgrounds or designs on workstations
    that deal with data of different classification levels?
    A. To indicate the software version in use
    B. To promote a corporate message
    C. To promote availability
    D. To indicate the classification level of the data or system

  4. Charles has been asked to downgrade the media used for storage of private data for his
    organization. What process should Charles follow?
    A. Degauss the drives, and then relabel them with a lower classification level.
    B. Pulverize the drives, and then reclassify them based on the data they contain.
    C. Follow the organization’s purging process, and then downgrade and replace labels.
    D. Relabel the media, and then follow the organization’s purging process to ensure that
    the media matches the label.

  5. Which of the following tasks are not performed by a system owner per NIST SP 800-18?
    A. Develops a system security plan
    B. Establishes rules for appropriate use and protection of data
    C. Identifies and implements security controls
    D. Ensures that system users receive appropriate security training