Free 712-50 ECCouncil Updates

Purge involves applying logical techniques to sanitize data in all user-addressable storage locations, ensuring the data is unrecoverable without using laboratory techniques. This is a higher level of data destruction than clearing (logical removal allowing some recovery) and distinct from physical destruction (destroying storage media). Mangle is not a recognized data destruction standard.

System Security Plan (SSP) Overview:

Documents the controls in place to secure a system, the type of information handled, and system interconnections.

Focuses on describing the system's security posture, not external audit results.

Why Not Other Options:

A: Controls are a core part of the SSP.

B: Connected systems must be documented for interconnection security.

D: The type of information processed is required to determine security requirements.

References:

EC-Council CISO Material on SSP Requirements.

Definition of Compliance Management:

Involves ensuring that all employees, applications, and systems adhere to organizational rules, regulations, and legal requirements.

Includes monitoring, enforcement, and reporting of compliance activities.

Why Not Other Options:

B: Asset management focuses on tracking and managing organizational assets.

C: Risk management identifies and mitigates risks, not rule adherence.

D: Security management pertains to safeguarding systems, not rule enforcement.