Ch. 5

Question 1

Which one of the following identifies the primary purpose of information classification processes?
A. Define the requirements for protecting sensitive data
B. Define the requirements for backing up data
C. Define the requirements for storing data
D. Define the requirements for transmitting data

Answer 1

A. Define the requirements for protecting sensitive data

Question 2

When determining the classification of data, which one of the following is the most important consideration?
A. Processing system
B. Value
C. Storage media
D. Accessibility

Answer 2

B. Value

Question 3

Which of the following answers would not be included as sensitive data?
A. Personally identifiable information (PII)
B. Protected Health Information (PHI)
C. Proprietary Data
D. Data posted on a website

Answer 3

D. Data posted on a website

Question 4

What is the most important aspect of marking media?
A. Date Labeling
B. Content description
C. Electronic Labeling
D. Classification

Answer 4

D. Classification

Question 5

Which of the following choices is the most reliable method of destroying data on a solid state drive?
A. Erasing
B. Degaussing
C. Deleting
D. Purging

Answer 5

D. Purging

Question 6

Which method is NOT recommended for removing data from a storage media that is used to store confidential information?
A. Formatting
B. Zeroization
C. Degaussing
D. Destruction

Answer 6

A. Formatting

Question 7

The new security plan for your organization states that all data on your servers must be classified to ensure appropriate access controls are implemented. What is true of information classification?

A. A data owner must determine the information classification of an asset.

B. Data classification refers to assigning security labels to information assets

C. The two primary classes of data classification deal with a military/institution and commercial organizations

D. The two primary classes of data classification scheme apply to nonprofit organizations and financial institutions

Answer 7

A. A data owner must determine the information classification of an asset.

B. Data classification refers to assigning security labels to information assets

D. The two primary classes of data classification deal with military institutions and commercial organizations.

Question 8

Which role is delegated to personnel of the IT department and is responsible for maintaining the integrity and security of the data?
A. Data owner
B. System Owner
C. Data Custodian
D. Process Owner

Answer 8

A. Data owner

Question 9

You have been asked to ensure that data at rest on organizational computers remains confidential. Which security control should you implement?
A. Drive Encryptions 
B. Link Encryption
C. Baselines
D. Access Control Lists

Answer 9

A. Drive Encryptions

Question 10

You are establishing the media handle requirements, including the appropriate procedures for marking, labeling, storing, and destroying data that is stored on digital media. Currently, you are concerned with the capacity of any storage medium that you may use. What should you consider as part of this storage medium aspect?
A. How easily a given medium will last before it deteriorates.
B. How long the industry will support various media options
C. The volume of records that you can store on the medium
D. How transportable the stored records should be

Answer 10

C. The volume of records that you can store on the medium.