4.2 - CompTIA Security+

Acquisition/procurement process

Workflow/process for organizations to acquire software/hardware products, including vendor evaluation and compliance assurance.

Assignment/accounting

Processes that ensure each physical and data asset has an identified owner, tagged and classified in inventory.

Ownership

Each asset must have a designated owner responsible for its maintenance, security, and compliance.

Classification

Categorization of assets based on sensitivity and importance to determine appropriate security measures.

Inventory

A list of items outlining the physical/digital assets owned by an organization.

Sanitization

Removal of any sensitive data stored on corporate drives.

Destruction

Complete obliteration of data from storage devices to prevent unauthorized access.

Certificate of destruction

Confirmation that all drives provided to a third party have been completely destroyed and data is no longer accessible.

Data retention

Managing and storing data according to policies and legal requirements for a specified period before disposal.