SANS Assessment of Student Learning Plan (ASLP) Security Awareness Training

Disable ads (and more) with a membership for a one time $2.99 payment

Enhance your understanding of SANS ASLP Security Awareness Training with flashcards and multiple-choice questions, each offering hints and explanations. Prepare effectively for your exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What should you do with sensitive data that the organization no longer needs to retain?

Archive it
Securely dispose of the physical or digital data
Delete it without a backup
Store it in a personal folder

The correct answer is: Securely dispose of the physical or digital data

When handling sensitive data that the organization no longer needs, securely disposing of the physical or digital data is the best practice. This approach ensures that any confidential information is unrecoverable and cannot be accessed by unauthorized individuals. Securing disposal methods, such as shredding physical documents or using data-wiping software for digital files, are vital for protecting sensitive information from potential leaks or breaches. In contrast, archiving the data does not truly eliminate the risk associated with retaining sensitive information, as archived data can still be accessed or misused. Simply deleting data without a backup may not guarantee that it is completely unrecoverable, as sophisticated recovery techniques might retrieve it, posing a security risk. Storing sensitive data in a personal folder raises significant concerns regarding unauthorized access and potential data breaches, as personal storage is often less secure than organizational systems. Therefore, securely disposing of data is the most responsible and effective approach.