ABSTRACT
Summary of the second domain of
CISSP official study guide based on the
book: ‘Destination CISSP: A concise
guide’.
Remco van der Schoot
CISSP DOMAINS
EXPLAINED
A summary of the information needed in order to achieve
certification in CISSP
, CISSP domains explained | Remco van der Schoot
INHOUDSOPGAVE
Introduction ............................................................................................................................................................ 3
Domain two: Asset Security ................................................................................................................................... 4
1. Identify and classify information and assets ....................................................................................................... 4
1.1. Asset classification ....................................................................................................................................... 4
1.2. Classification process ................................................................................................................................... 4
1.3. Classification versus categorization ............................................................................................................. 5
1.4. Labeling and marking ................................................................................................................................... 5
2. Establish information and asset handling requirements .................................................................................... 5
2.1. Media handling ............................................................................................................................................ 5
3. Provision resources securely ............................................................................................................................... 6
3.1. Data classification roles and responsibilities................................................................................................ 6
3.2. Data classification policy .............................................................................................................................. 6
4. Manage data life cycle ........................................................................................................................................ 7
4.1. Information life cycle ................................................................................................................................... 7
4.2. Data destruction........................................................................................................................................... 7
5. Ensure appropriate asset retention .................................................................................................................... 8
5.1. Data archiving .............................................................................................................................................. 8
6. Determine data security controls and compliance requirements ...................................................................... 9
6.1. Protecting data at rest ................................................................................................................................. 9
6.2. Protecting data in transit ............................................................................................................................. 9
6.3. Protecting data in use ................................................................................................................................ 10
6.4. Information obfuscation methods ............................................................................................................. 10
6.5. Digital Rights Management (DRM) ............................................................................................................. 11
6.6. Data loss prevention (DLP) ......................................................................................................................... 11
P a g i n a 2 | 11
Summary of the second domain of
CISSP official study guide based on the
book: ‘Destination CISSP: A concise
guide’.
Remco van der Schoot
CISSP DOMAINS
EXPLAINED
A summary of the information needed in order to achieve
certification in CISSP
, CISSP domains explained | Remco van der Schoot
INHOUDSOPGAVE
Introduction ............................................................................................................................................................ 3
Domain two: Asset Security ................................................................................................................................... 4
1. Identify and classify information and assets ....................................................................................................... 4
1.1. Asset classification ....................................................................................................................................... 4
1.2. Classification process ................................................................................................................................... 4
1.3. Classification versus categorization ............................................................................................................. 5
1.4. Labeling and marking ................................................................................................................................... 5
2. Establish information and asset handling requirements .................................................................................... 5
2.1. Media handling ............................................................................................................................................ 5
3. Provision resources securely ............................................................................................................................... 6
3.1. Data classification roles and responsibilities................................................................................................ 6
3.2. Data classification policy .............................................................................................................................. 6
4. Manage data life cycle ........................................................................................................................................ 7
4.1. Information life cycle ................................................................................................................................... 7
4.2. Data destruction........................................................................................................................................... 7
5. Ensure appropriate asset retention .................................................................................................................... 8
5.1. Data archiving .............................................................................................................................................. 8
6. Determine data security controls and compliance requirements ...................................................................... 9
6.1. Protecting data at rest ................................................................................................................................. 9
6.2. Protecting data in transit ............................................................................................................................. 9
6.3. Protecting data in use ................................................................................................................................ 10
6.4. Information obfuscation methods ............................................................................................................. 10
6.5. Digital Rights Management (DRM) ............................................................................................................. 11
6.6. Data loss prevention (DLP) ......................................................................................................................... 11
P a g i n a 2 | 11
