Weekly CISSP Exam Questions
Question: Your organization keeps physical client files in a secure room. Which of the following controls primarily concerns asset retention?
A. Restricted access based on job role
B. Paper shredding policy
C. Climate control in the room
D. Digital backups of the files
Answer: B
Explanation:
Restricted access based on job role: This is primarily a control related to asset access or asset protection, not asset retention. While it's important for safeguarding the physical client files, it doesn't speak to how long those files should be kept or what happens to them when they are no longer needed.
Paper shredding policy: This directly pertains to asset retention. It dictates how long physical files should be kept and outlines the process for their secure disposal once they're no longer needed, thus ensuring that outdated or unnecessary files don't become a security risk.
Climate control in the room: While important for the physical well-being of the files, climate control is more concerned with asset preservation rather than retention. It doesn’t dictate how long files should be kept or what to do with them when they’re no longer needed.
Digital backups of the files: This involves creating digital copies of physical files, which could be considered a form of asset protection or data redundancy. However, it doesn't specifically address the retention period or disposal methods for the physical files themselves.
Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.
CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!
CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.
