Which of these should not be part of a data retention policy?
A: Which data do we keep?
B: How long do we keep the data?
C: Where do we keep the backup data?
D: How to safely destroy the data after the retention has expired?
CBK 2: Asset Security
Source: ThorTeaches.com practice tests
D: A data destruction policy would address how we deal with data no longer needed, the retention policy would only deal with what, how long, where and similar topics.
IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.