Crucial Exams

ISC2 Governance, Risk and Compliance (CGRC) Practice Question

An organization is decommissioning a database server that stored sensitive customer PII. Before the chassis leaves the data center for disposal, which step best satisfies security and compliance requirements for system decommissioning?

  • Remove labeling, then ship the server to the recycler for destruction without further action.

  • Archive system configuration files and destroy the encryption keys after the hardware is recycled.

  • Disable the backup schedule and mark the asset as retired in the CMDB.

  • Purge all data from drives using a NIST SP 800-88 validated sanitization technique.

ISC2 Governance, Risk and Compliance (CGRC)
Compliance Maintenance
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot