(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

When data has reached the end of the retention period, it should be what?

  1. Destroyed

  2. Archived

  3. Enhanced

  4. Sold

The correct answer is: Destroyed

When data has reached the end of its retention period, the correct approach is to destroy it. This is essential to maintain data privacy and comply with various regulations such as GDPR, HIPAA, and others that mandate strict data handling and disposal measures. Retaining data beyond the necessary period increases the risk of unauthorized access and potential data breaches. Destruction involves purging the data in a manner that prevents any possibility of recovery. This could include physical destruction methods for hard drives, secure deletion software for electronic files, or shredding physical documents. While archiving might seem like a viable option for data that could be useful in the future, it does not align with the principle of data minimization, which advocates for keeping only the necessary data for operational purposes. Similarly, enhancing or selling data after it has reached its retention limit compromises security protocols and legal compliance, as it could lead to misuse or exposure of sensitive information. Therefore, the practice of destroying data at the end of its retention period is a cornerstone of effective data governance and security strategy.

More Questions Like This