A large financial services company is implementing a new asset management program to improve security and compliance. The CISO has asked you, as the Information Security Manager, to prioritize which of the following should be the first step in provisioning information and assets securely?
Implement role-based access control systems
Conduct security awareness training for employees
Establish an asset inventory of tangible and intangible assets
Deploy data loss prevention solutions across the network
The correct answer is to establish an asset inventory. Before you can effectively manage, protect, and secure assets, you must first know what assets exist within the organization. An asset inventory creates the foundation for all other security controls and processes. It enables the organization to identify what needs to be protected, who owns each asset, what classification level should be applied, what controls are needed, and how the assets should be handled throughout their lifecycle. Without a proper inventory, critical assets might be overlooked in security planning, creating potential vulnerabilities. The other options represent important security practices but they logically follow after establishing what assets exist in the environment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is establishing an asset inventory the first step in securing assets?
Open an interactive chat with Bash
What are tangible and intangible assets, and why is it important to differentiate between them?
Open an interactive chat with Bash
How does an asset inventory support compliance requirements?
Open an interactive chat with Bash
ISC2 CISSP
Asset Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access