Asset Handling
Unlock the complete study guide + 1,040 practice questions across 16 full exams.
Bundled into the existing Certified Information Systems Security Professional premium course — no separate purchase.
Included in this chapter:
- Handling is classification turned into operating rules
- Storage, transport, and the destruction decision
- Exam-pattern recognition
Security marking vs. security labeling (NIST SP 800-53 distinction)
| Dimension | Security marking | Security labeling |
|---|---|---|
| Form | Human-readable (header, cover sheet, watermark, cartridge tape) | Part of the object's data structure (metadata tag, sensitivity attribute) |
| Audience | People who handle the asset | Systems that mediate access to the asset |
| Enforcement | Manual: a handler reads it and applies the rule | Automated: a system parses it for access decisions (e.g., mandatory access control) |
| Typical use | Documents, removable media, printed output | Files, records, objects under access-control mediation |
| Fails when | Handler ignores or never sees the mark | Label is stripped, spoofed, or not bound to the object |
Decision tree
Cheat sheet
Unlock with Premium — includes all practice exams and the complete study guide.