ISC2-CISSP Domain 2: Asset Security Welcome to your ISC2-CISSP Domain 2: Asset Security 1. CISSP: Asset Security When implementing data retention policies, which of the following considerations is MOST critical to ensure compliance with global data protection regulations? A. The physical location of data storage. B. The encryption strength used for stored data. C. The duration for which the data is retained. D. The methods used for data deletion after the retention period. None 2. CISSP: Asset Security In the context of asset classification, which of the following criteria is MOST important for determining the level of protection required for a set of data? A. The format of the data (digital vs. physical). B. The potential impact of unauthorized disclosure. C. The volume of the data. D. The age of the data. None 3. CISSP: Asset Security When designing controls to protect proprietary information, which of the following is the MOST effective method for preventing unauthorized internal access? A. Implementing physical locks on file cabinets. B. Enforcing strong password policies. C. Applying role-based access control (RBAC). D. Regularly updating antivirus software. None 4. CISSP: Asset Security In the process of data lifecycle management, which stage requires the MOST rigorous security measures to prevent data breaches? A. Creation B. Storage C. Use D. Destruction None 5. CISSP: Asset Security What is the PRIMARY purpose of employing data masking techniques in a production environment? A. To improve data quality. B. To reduce storage requirements. C. To protect sensitive information from unauthorized access. D. To speed up data processing. None 6. CISSP: Asset Security When establishing criteria for data classification, which factor is LEAST likely to influence the classification level assigned to a dataset? A. The dataset's market value. B. The legal requirements surrounding the data. C. The frequency of data access. D. The potential impact of data loss. None 7. CISSP: Asset Security In the context of securing digital assets, which of the following is a PRIMARY concern when implementing a Bring Your Own Device 'BYOD' policy? A. Ensuring compatibility with enterprise software. B. Minimizing the cost of IT support. C. Protecting against loss of intellectual property. D. Maximizing employee productivity. None 8. CISSP: Asset Security Which of the following is the MOST effective strategy for ensuring the secure disposal of sensitive electronic documents? A. Overwriting the storage media multiple times. B. Deleting the documents using standard operating system commands. C. Physically destroying the storage media. D. Encrypting the documents before deletion. None 9. CISSP: Asset Security In the implementation of an Information Rights Management (IRM) system, what is the MOST significant benefit in terms of asset security? A. Reducing the storage space required for documents. B. Enhancing the speed of data retrieval. C. Controlling and tracking document access and usage. D. Decreasing the time required for data backup processes. None 10. CISSP: Asset Security In the development of a data governance framework, which factor is MOST critical for ensuring effective data classification and handling? A. The adoption of industry-standard encryption protocols. B. The involvement of stakeholders from all business units. C. The selection of a centralized data storage solution. D. The implementation of an automated data loss prevention system. None 11. CISSP: Asset Security When securing intellectual property (IP) within a multinational corporation, which strategy is MOST effective in protecting IP from theft or misuse by internal employees? A. Implementing strict physical security measures at all corporate facilities. B. Conducting regular IP awareness and security training for employees. C. Restricting IP access to top management only. D. Outsourcing IP management to a third-party security firm. None 12. CISSP: Asset Security In the process of risk assessment for digital assets, which of the following is the MOST critical factor to consider for asset valuation? A. The historical cost of acquiring the asset. B. The asset's replacement cost. C. The potential impact on the organization if the asset is compromised. D. The physical lifespan of the asset. None 13. CISSP: Asset Security Which approach is MOST effective in ensuring the confidentiality of sensitive data transmitted between remote offices via the internet? A. Utilizing dedicated leased lines for all inter-office communications. B. Implementing end-to-end encryption for data in transit. C. Mandating the use of strong passwords for all remote access. D. Regularly updating firewall and intrusion detection system (IDS) configurations. None 14. CISSP: Asset Security In the context of asset security, which of the following best describes the PRIMARY purpose of a data retention policy? A. To ensure that data is deleted after it is no longer needed. B. To optimize the performance of database systems. C. To comply with data privacy regulations. D. To facilitate faster data retrieval and processing. None 15. CISSP: Asset Security What is the MOST significant risk when implementing a cloud-based storage solution for sensitive corporate data? A. Increased operational costs due to data storage needs. B. Loss of direct control over the physical storage media. C. Reduced data retrieval times from the cloud. D. Dependence on internet connectivity for data access. None 16. CISSP: Asset Security Which factor is LEAST important when establishing a secure data disposal policy? A. The method of data destruction employed. B. The frequency of data backup prior to disposal. C. The sensitivity of the data being disposed. D. Documentation and verification of the disposal process. None 17. CISSP: Asset Security In terms of asset security, what is the PRIMARY goal of implementing a secure media sanitization process? A. To increase the lifespan of storage media. B. To ensure the recoverability of sanitized data for future needs. C. To prevent unauthorized disclosure of information. D. To comply with manufacturer warranties for storage devices. None 18. CISSP: Asset Security When configuring access controls for a document management system, which principle is MOST important to minimize the risk of unauthorized data access? A. Least privilege. B. Separation of duties. C. Mandatory vacations. D. Job rotation. None 19. CISSP: Asset Security Which strategy is MOST effective in protecting the confidentiality of sensitive information when employees use personal devices for work purposes? A. Requiring the installation of personal firewall software on all personal devices. B. Implementing a comprehensive mobile device management (MDM) solution. C. Prohibiting the use of personal devices for any work-related activities. D. Encouraging the use of public Wi-Fi networks for remote work to diversify network access points. None 20. CISSP: Asset Security In a distributed work environment, what is the MOST critical consideration when employees access corporate resources from external networks? A. The speed of the external networks. B. The physical security of the employee's remote workspace. C. The use of virtual private network (VPN) technology for secure connections. D. The brand of the networking equipment used by employees. None 1 out of 20 Time is Up! Time's up
