Security School

Browse Sections

BACKGROUND IMAGE: iSTOCK/GETTY IMAGES

CISSP Domain 2: Asset security

Last updated:August 2017

Editor's note

Journalists know that a well-written news story should answer these six questions: Who, what, when, where, why and how? As it turns out, they’re just as crucial for infosec pros to consider when protecting information assets. Who owns the data? What is the best way to encrypt it? When should you do a data audit? Where is the data located, onsite or in the cloud or both? Why is one type of data classified differently from another? How can you ensure confidentiality, integrity and availability are continually maintained? 

In this Security School, based on (ISC)² CISSP training material on Domain 2 of the exam, learn about various data encryption methods, the ins and outs of data ownership and best practices for securing enterprise data. In his tip and video, expert Adam Gordon discusses core principles of what the CISSP categorizes as Asset Security in Domain 2. Information asset protection requires a nuanced, thoughtful approach that takes all stakeholders and requirements into account, Gordon explains.

Once you've reviewed the parts of this Security School, take the quiz to see how much you have learned about data encryption methods and what it means to practice good data management.  

View our Security School Course Catalog to view more lessons.

CISSP® is a registered mark of (ISC)².

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close