CISSP Official Practice Tests by Mike Chapple, David Seidl

(chelsyfait) #1

48 Chapter 2 ■ Asset Security (Domain 2)



  1. Susan’s organization performs a zero fill on hard drives before they are sent to a third-
    party organization to be shredded. What issue is her organization attempting to avoid?
    A. Data remanence while at the third-party site
    B. Mishandling of drives by the third party
    C. Classification mistakes
    D. Data permanence

  2. Embedded data used to help identify the owner of a file is an example of what type of
    label?
    A. Copyright notice
    B. DLP
    C. Digital watermark
    D. Steganography

  3. Retaining and maintaining information for as long as it is needed is known as what?
    A. Data storage policy
    B. Data storage
    C. Asset maintenance
    D. Record retention

  4. Which of the following activities is not a consideration during data classification?
    A. Who can access the data
    B. What the impact would be if the data was lost or breached
    C. How much the data cost to create
    D. What protection regulations may be required for the data

  5. What type of encryption is typically used for data at rest?
    A. Asymmetric encryption
    B. Symmetric encryption
    C. DES
    D. OTP

  6. Which data role is tasked with granting appropriate access to staff members?
    A. Data processors
    B. Business owners
    C. Custodians
    D. Administrators

Free download pdf