CERTIFIED-IN-CYBERSECURITY · Question #42
How many data labels are considered manageable?
The correct answer is A. 2 - 3. According to data handling and labeling best practices, two or three classifications for data are typically considered manageable for most organizations. In fact, in the ISC2 Study Guide, Chapter 5, Module 1, under Data Handling Practices in Labeling, we read that "two or three c
Question
How many data labels are considered manageable?
Options
- A2 - 3
- B1
- C
4
- D1 - 2
How the community answered
(38 responses)- A89% (34)
- B3% (1)
- C5% (2)
- D3% (1)
Explanation
According to data handling and labeling best practices, two or three classifications for data are typically considered manageable for most organizations. In fact, in the ISC2 Study Guide, Chapter 5, Module 1, under Data Handling Practices in Labeling, we read that "two or three classifications are manageable, but more than four tend to be challenging to manage. These classifications could be labels such as Public, Confidential, and Restricted, each representing a different level of data sensitivity. For example, in a healthcare organization, patient health information might be labeled "Confidential," while general health advice published on the organization's Web site might be labeled "Public. This labeling system allows the organization to easily identify and manage data based on its sensitivity level, ensuring that appropriate security measures are in place for each classification. The principle is that labeling data based on its sensitivity level should be based on a limited, unambiguous set of labels that correspond to different levels of data sensitivity. The key is to have a system that differentiates data sensitivity levels without being overly complex to implement and maintain. Some organizations need more granularity in their data classification, while others are fine with a simpler system. However, having more than four labels (">4") can make the system overly complex and difficult to manage, increasing the risk of misclassification and potential data breaches.
Topics
Community Discussion
No community discussion yet for this question.