CompTIA Updated SY0-701 Exam Questions and Answers by herbie

The best answer is A. To ensure data is securely destroyed when no longer needed.

During asset decommissioning, organizations must handle storage media and data according to established data retention policies. These policies define how long data must be kept and when it should be securely destroyed. Following them helps ensure that data is not kept longer than necessary and is properly sanitized or destroyed when retention requirements have been met.

This is important for:

reducing risk of unauthorized data exposure

meeting legal and regulatory obligations

preventing sensitive information from being recovered from retired assets

limiting unnecessary storage and liability

Why the other options are incorrect:

B. To make backup copies of all company data before disposing of hardwareNot all data should be backed up indefinitely. Retention policies are about keeping data only as long as required.

C. To allow employees to access old files even after the hardware is recycledThis is not the primary purpose of retention policies during decommissioning.

D. To keep all customer data available in case it is required in the futureKeeping all data forever is not a proper retention strategy and can create legal and security problems.

From the SY0-701 perspective, asset disposal and media sanitization are closely tied to retention schedules and secure destruction practices, so A is the correct answer.

Effective security governance requires clear assignment of roles and responsibilities, such as owners, controllers, and custodians, to ensure accountability for security-related tasks and data management within the organization. This establishes clear lines of responsibility and authority, which is fundamental to governance frameworks.

Detailed Explanation:Swipe cards and biometric scanners are commonly used to control on-premises access due to their reliability and ability to restrict unauthorized entry. Swipe cards provide physical access control, while biometric scanners ensure identity verification. Reference: CompTIA Security+ SY0-701 Study Guide, Domain 1: General Security Concepts, Section: " Physical Security Controls " ​​.