nerdexam
(ISC)2

CISSP · Question #716

Which of the following explains why classifying data is an important step in performing a Risk assessment?

The correct answer is D. To help determine the appropriate level of data security controls. Classifying data is an important step in performing a risk assessment, because it helps to determine the appropriate level of data security controls. Data classification is a process of assigning labels or categories to data based on their sensitivity, value, or criticality. Data

Submitted by zhang_li· Mar 5, 2026Security and Risk Management

Question

Which of the following explains why classifying data is an important step in performing a Risk assessment?

Options

  • ATo provide a framework for developing good security metrics
  • BTo justify the selection of costly security controls
  • CTo classify the security controls sensitivity that helps scope the risk assessment
  • DTo help determine the appropriate level of data security controls

How the community answered

(28 responses)
  • B
    4% (1)
  • D
    96% (27)

Explanation

Classifying data is an important step in performing a risk assessment, because it helps to determine the appropriate level of data security controls. Data classification is a process of assigning labels or categories to data based on their sensitivity, value, or criticality. Data classification helps to identify the potential impact of data loss, disclosure, or modification, and the corresponding level of protection required. Data classification also helps to prioritize the data assets and allocate the resources for risk management.

Topics

#data classification#risk assessment#security controls#data sensitivity

Community Discussion

No community discussion yet for this question.

Full CISSP Practice