CISSP: Asset Security


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
The substantial increase in the amount of digitized data over the past few years requires an equal response in attention to the security of that data. In this course, you'll learn about asset security best practices including classification techniques and asset security ownership. This course also covers privacy protection considerations, including data remanence and collection limitations. Finally, you'll explore best practices for media, hardware and personnel retention, and techniques for determining the most appropriate data security controls like scoping, tailoring and cryptography. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Information Systems Security Professional (CISSP) exam.

Target Audience
Individuals interested in information systems security concepts, methodologies and best practices; candidates for the Certified Information Systems Security Professional (CISSP) exam

Prerequisites
None

Expected Duration (hours)
1.5

Lesson Objectives

CISSP: Asset Security

  • start the course
  • distinguish between data classification categories
  • identify the seven phases of implementing a classification scheme
  • distinguish between the five typical government/military classification levels
  • distinguish between the four common business classification levels
  • identify the role of senior managers in asset security
  • identify the role of security professionals in asset security
  • identify the role of data owners in asset security
  • identify the role of data custodians in asset security
  • identify the role of users in asset security
  • identify the role of auditors in asset security
  • specify data owner best practices to ensure privacy protection
  • specify data processor best practices to ensure privacy protection
  • specify data remanence best practices to ensure privacy protection
  • identify data collection best practices to ensure privacy protection
  • identify best practices to appropriately retain media assets
  • identify best practices to appropriately retain hardware assets
  • identify best practices to appropriately retain personnel assets
  • use baselines to determine appropriate date security controls
  • use scoping and tailoring to determine appropriate security controls
  • use standards selection to determine appropriate security controls
  • use cryptography for determining appropriate security controls
  • establish best practices for marking and labeling media
  • establish best practices for storing media
  • establish best practices for destruction of sensitive information
  • classify an asset, delegate ownership, determine appropriate privacy, retention and security controls, and establish handling requirements

    • Course Number:
    sp_cisp_a03_it_enus

    Expertise Level
    Intermediate