nerdexam
ExamsCISSPQuestions#1516
(ISC)2(ISC)2

CISSP · Question #1516

CISSP Question #1516: Real Exam Question with Answer & Explanation

Information classification follows a logical lifecycle: you must first identify and document what information assets exist before you can evaluate them, then assign a classification level based on sensitivity and value, apply the appropriate security markings so handlers know how

Submitted by kim_seoul· Mar 5, 2026Asset Security - Understanding and applying data classification policies and procedures (CISSP Domain 2 / CompTIA Security+ Data Protection)

Question

Drag and Drop Question Place the following information classification steps in sequential order. Answer:

Explanation

Information classification follows a logical lifecycle: you must first identify and document what information assets exist before you can evaluate them, then assign a classification level based on sensitivity and value, apply the appropriate security markings so handlers know how to protect it, conduct periodic reviews to ensure the classification remains accurate over time, and finally declassify when the information no longer warrants protection. This sequence reflects both practical necessity (you can't classify what you haven't identified) and governance best practices (declassification is always the last step, not an early decision). Skipping or reordering steps would create security gaps, such as marking data before properly evaluating its sensitivity or declassifying without periodic review to justify the decision.

Topics

#Information Classification#Data Governance#Security Markings#Asset Management

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CISSP PracticeBrowse All CISSP Questions