ISC2 CISSP Practice Question

A global logistics company recently completed a data classification project, categorizing all information assets into 'Public', 'Internal', and 'Restricted' tiers. The Chief Information Security Officer (CISO) is now planning the next phase of the data governance program. To ensure the classification scheme is effective in practice, which of the following actions should the CISO prioritize to protect these assets according to their assigned value?

  • Develop and implement handling requirements for each data classification tier, detailing procedures for storage, transmission, and destruction.

  • Focus on declassifying as much data as possible to reduce the scope of security controls and lower operational overhead.

  • Mandate that all employees sign a new acceptable use policy to transfer all liability for data mishandling to the individual.

  • Procure a data loss prevention (DLP) solution to automatically enforce controls on all data categorized as 'Restricted'.

ISC2 CISSP
Asset Security