Today’s Security+ study session centered around Asset Management (Section 4.2 from Professor Messer). I reviewed how every organization—from schools to Fortune 500s—follows a defined process for purchasing technology. The workflow typically starts when a user identifies a need. Budgeting teams then evaluate if the cost is justified before purchasing is approved, negotiated, and tracked. Upon delivery, items like computers or networking equipment are recorded into an asset management system. These databases often include details like the device’s owner, type (hardware or software), physical location, depreciation for hardware (not software), and even barcodes or RFID tags for tracking. It reminded me of library book systems—except these assets might include laptops, switches, tablets, or cables.
The video also highlighted what happens at the end of an asset’s lifecycle. Before disposal or reassignment, organizations must sanitize all company data. If the device contains a hard drive, tools like degaussers or physical destruction methods (drill, fire, shredder) are used to ensure no sensitive data remains. Some companies rely on certified third-party services that provide documentation verifying the destruction. Data retention requirements may also affect when and how devices are decommissioned—especially for regulated industries. I took detailed notes on these points and connected them with my own hands-on IT experience. Understanding asset management is not only essential for the Security+ exam, but it’s also part of any real-world cybersecurity job. Every router, switch, and tablet in a company is part of a larger security landscape—and knowing how to track and manage them properly is a core skill I’ll carry into my career.
📎 Learn more about my cybersecurity journey and homelab project here:
🔗 https://j03.page/2025/07/07/building-a-mobile-homelab-with-raspberry-pi-and-gl-inet-first-report/
Think Positive Cyber 
Leave a comment