Effective CISSP Questions

Your company received a discovery request for attendance records stored in the ERP system from an ex-employee who has filed a lawsuit to claim unpaid overtime pay. Which of the following is the most critical to responding to the discovery request effectively? (Wentz QOTD)
A. Acceptable use policy
B. Information security strategy
C. Vital record management
D. Information governance

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Information governance.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security, a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.

Electronic Discovery Reference Model

Discovery, in the law of common law jurisdictions, is a pre-trial procedure in a lawsuit in which each party, through the law of civil procedure, can obtain evidence from the other party or parties by means of discovery devices such as interrogatories, requests for production of documents, requests for admissions and depositions. Discovery can be obtained from non-parties using subpoenas. When a discovery request is objected to, the requesting party may seek the assistance of the court by filing a motion to compel discovery.

Source: Wikipedia

Vital Records

Vital records are records of life events kept under governmental authority, including birth certificates, marriage licenses (or marriage certificates), separation agreements, divorce certificates or divorce party and death certificate. In some jurisdictions, vital records may also include records of civil unions or domestic partnerships.

Note that only the life events meaning is restricted to government; the records management meaning in this article applies to both government and non-government organizations.

Source: Vital record

