2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet167/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   163   164   165   166   167   168   169   170   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

165
Public 
Public
data is similar to unclassifi ed data. It includes information posted in websites, 
brochures, or any other public source. Although an organization doesn’t protect the confi -
dentiality of public data, it does take steps to protect its integrity. For example, anyone can 
view public data posted on a website. However, an organization doesn’t want attackers to 
modify this data so it takes steps to protect it. 
Although some sources refer to sensitive information as any data that isn’t 
public or unclassified, many organizations use
sensitive 
as a label. In other 
words, the term “sensitive information” might mean one thing in one orga-
nization but something else in another organization. For the CISSP exam, 
remember that “sensitive information” typically refers to any information 
that isn’t public or unclassified.
Civilian organizations aren’t required to use any specifi c classifi cation labels. However, 
it is important to classify data in some manner and ensure personnel understand the clas-
sifi cations. No matter what labels an organization uses, it still has an obligation to protect 
sensitive information. 
After classifying the data, an organization takes additional steps to manage it based 
on its classifi cation. Unauthorized access to sensitive information can result in signifi cant 
losses to an organization. However, basic security practices, such as properly marking, han-
dling, storing, and destroying data and hardware assets based on classifi cations, helps to 
prevent losses.
Defining Asset Classifications 
Asset classifi cations should match the data classifi cations. In other words, if a computer is 
processing top secret data, the computer should also be classifi ed as a top secret asset. Simi-
larly, if media such as internal or external drives holds top secret data, the media should also 
be classifi ed as top secret. 
It is common to use clear marking on the hardware assets so that personnel are reminded 
of data that can be processed or stored on the asset. For example, if a computer is used to 
process top secret data, the computer and the monitor will have clear and prominent labels 
reminding users of the classifi cation of data that can be processed on the computer.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   163   164   165   166   167   168   169   170   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish