
CISSP Domain 2 - Question Set 1

The document contains a set of questions related to asset security, focusing on information classification, sensitive data, and data protection processes. It includes topics such as the roles of custodians, data owners, and processors, as well as methods for data protection like pseudonymization and cryptography. The questions aim to assess knowledge on best practices for managing and securing sensitive information.

Uploaded by sampatray

Domain 2 - Asset Security

Question Set 1

1. Which one of the following identifies the primary purpose of information classification processes?
A. Define the requirements for protecting sensitive data.
B. Define the requirements for backing up data.
C. Define the requirements for storing data.
D. Define the requirements for transmitting data.

Explanation: After classification, we can safeguard the actual, required assets.

2. Which of the following answers would not be included as sensitive data?
A. Personally identifiable information (PII)
B. Protected health information (PHI)
C. Proprietary data
D. Data posted on a website

3. Which would an administrator do to classified media before reusing it in a less secure environment?
A. Erasing
B. Clearing
C. Purging
D. Overwriting

4. Which one of the following tasks would a custodian most likely perform?
A. Access the data
B. Classify the data
C. Assign permissions to the data
D. Back up data
The custodian will keep the data for a long time.

5. Which of the following best defines “rules of behavior” established by a data owner?
A. Ensuring that users are granted access to only what they need
B. Determining who has access to a system
C. Identifying appropriate use and protection of data
D. Applying security controls to a system

6. Your organization has a large database of customer data. To comply with the EU
GDPR, administrators plan to use pseudonymization. Which of the following best
describes pseudonymization?
A. The process of replacing some data with another identifier
B. The process of removing all personal data
C. The process of encrypting data
D. The process of storing data

7. Within the context of the EU GDPR, what is a data processor?
A. The entity that processes personal data on behalf of the data controller
B. The entity that controls processing of data
C. The computing system that processes data
D. The network that processes data

8. Which of the following best describes an application of cryptography to protect data in motion?
A. Testing software against side-channel attacks
B. TLS
C. Whole-disk encryption
D. EDLP

9. Who has the primary responsibility of determining the classification level for
information?
A. The functional manager
B. Senior management
C. The owner
D. The user

10. Which of the following best describes the mitigation of data remanence by a
degaussing destruction process?
A. Replacing the 1’s and 0’s that represent data on storage media with random or
fixed patterns of 1’s and 0’s
B. Converting the 1’s and 0’s that represent data with the output of a
cryptographic function
C. Removing or reducing the magnetic field patterns on conventional disk
drives or tapes
D. Exposing storage media to caustic or corrosive chemicals that render it
unusable
