ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
While reviewing a design for handling customer PII, you confirm controls for secure capture, encryption at rest, and documented retention periods. No mechanism is described for sanitizing media once the retention period ends. Which data-lifecycle phase still lacks an implemented control?
The scenario covers secure capture (generation/creation), protection while stored, and written retention rules. What remains unaddressed is how the organization will eliminate the data after the retention window closes. Secure wiping, shredding, or other sanitization processes belong to the disposal phase of the data lifecycle. The other phases already have at least one control in place within the described design, so they are not the gap.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the data lifecycle?
Open an interactive chat with Bash
What does media sanitization during disposal mean?
Open an interactive chat with Bash
Why is encryption insufficient for the disposal phase?
Open an interactive chat with Bash
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Requirements
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .