CompTIA Security Plus Mock Test Q320

Which of the following concepts is a term that directly relates to customer privacy considerations?

A. Data handling policies
B. Personally identifiable information
C. Information classification
D. Clean desk policies


Correct Answer: B
Section: Compliance and Operational Security

Explanation:
Personally identifiable information (PII) is a catchall for any data that can be used to uniquely identify an individual. This data can be anything from the person’s name to a fingerprint (think biometrics), credit card number, or patient record. This has a direct relation to customer privacy considerations.

Incorrect Answers:
A: Data handling policies would refer to only those users needing to work with it should be able to access the data.
C: Information classification is done by confidentiality and comprises of three categories, namely: public use, internal use and restricted use.
D: Clean Desk Policy Information is used to protect data and your business, encourage employees to maintain clean desks and to leave out only those papers that are relevant to the project they are working on at that moment. All sensitive information should be put away when the employee is away from their desk.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 404, 409, 412