Exam CISSP topic 1 question 240 discussion

given answer is correct. collection limitation

When something is not available - that means is secure. No one can access it!!! So, D. Only store when necessary.

D. Collection limitation. They cannot steal sensitive data if you don't have it.

Storing sensitive data only when necessary is a guideline that helps to minimize the risk of data exposure or compromise. This guideline is based on the principle of data minimization, which means that organizations should only collect, process, and store the minimum amount of data necessary to accomplish their business objectives. By following this guideline, organizations can reduce the potential for data breaches, unauthorized access, and other security incidents that may result in the exposure of sensitive information. It is important for end-users to be aware of the risks associated with sensitive data and the various methods of attacks that may be used to compromise it. However, this guideline alone may not be sufficient to prevent the exposure of sensitive data.

D. Store sensitive data only when necessary would be the BEST guideline to follow when attempting to avoid the exposure of sensitive data. Storing sensitive data only when it is necessary means limiting the amount of sensitive data stored, reducing the risk of data breaches, and minimizing the impact of such breaches. It is important to minimize the amount of sensitive data stored by identifying what data is truly necessary for business operations, and to store it in a secure location that is protected with strong access controls and encryption. Other measures like monitoring mail servers, educating end-users, and establishing report parameters are important, but they are supplementary to the main principle of storing sensitive data only when it is needed.

A description of best practices or recommendations for achieving a specific policy goal. if you implement option B you will achieve option D Selected answer: B

Answer is B. "BEST guideline to follow" This can be seen as security awareness guidelines.

Given answer is correct

Going with "B" as collection limitation does not protect your data from being exposed; it only limits how much sensitive data is exposed if you get hacked. The keywords in the question "guideline" and "attempting" tells you that they're trying to change user behavior since those users are the ones in touch of some of this sensitive data.

I prefer B. People is always the key factor of cyber security.