Logical Asset Security
- Basic Security Principles
- Data Management: Determine and Maintain Ownership
- Data Standards
- Data Security, Protection, Sharing, and Dissemination
- Classifying Information and Supporting Assets
- Asset Management and Governance
- Determine Data Security Controls
- Laws, Standards, Mandates and Resources
- Exam Prep Questions
- Answers to Exam Prep Questions
- Need to Know More?
In this chapter from CISSP Exam Cram, 4th Edition, Michael Gregg explains the importance of basic security principles that help protect data while it is in transit, in storage, and at rest.
Asset security addresses the controls needed to protect data throughout its lifecycle. From the point of creation to the end of its life, data protection controls must be implemented to ensure that information is adequately protected during each life cycle phase. This chapter starts by reviewing the basic security principles of confidentiality, integrity, and availability and moves on to data management and governance.
A CISSP must know the importance of data security and how to protect it while it is in transit, in storage, and at rest. A CISSP must understand that protection of data is much more important today than it was ten to fifteen years ago because data is no longer in just a paper form. Today, data can be found on local systems, RAID arrays, or even in the cloud. Regardless of where the data is stored it must have adequate protection and be properly disposed of at the end of its useful life.