206 Eleventh Hour Security : Exam SY0-201 Study Guide not provide information on the acceptable use of technology. Answer D is incorrect because SLAs are agreements between clients and service pro- viders that outline what services will be supplied, what is expected from the service, and who will fix the service if it does not meet an expected level of performance. 2. The correct answer is A. Change control documentation provides infor- mation of changes that have been made to a system, and often provides back out steps that show how to restore the system to its previous state. Answer B is incorrect because inventories provide a record of devices and software making up a network, not changes made to the configuration of those devices. Answer C is incorrect because classification is a scheme of categorizing information, so that members of an organization are able to understand the importance of information and less likely to leak sen- sitive information. Answer D is incorrect because retention and storage documentation is necessary to keep track of data, so that it can be deter- mined what data should be removed and/or destroyed once a specific date is reached. 3. The correct answer is D. Classified documents should be shredded before being disposed of. Printed materials can still be accessed after they have been disposed of. Classified documents may contain sensitive informa- tion about the company, its clients, or employees. To prevent printed materials from getting into the wrong hands, the policy should specify that these types of documents should be shredded. Answer A is incorrect because even if data is deleted from a hard disk it may still be recovered. Answer B is incorrect because it is not a standard method of physically destroying magnetic media. Answer C is incorrect because non-classified materials such as media releases are not sensitive, and are cleared for public release. There is no problem with someone outside of the organi- zation seeing this type of material. 4. The correct answer is B. When information is designated as classified, it means that it is for internal use only and not for distribution to parties outside of the organization. Answers A and C are incorrect because when information is classified as public or unclassified, then it can be viewed by parties outside of an organization. Answer D is incorrect because external documents are those generated outside of the organization. 5. The correct answer is B. Policy regarding the retention of data will decide how long the company will retain data before destroying it. Retention and storage documentation is necessary to keep track of this data, so that it can be determined what data should be removed and/or destroyed once a spe- cific date is reached. Answer A is incorrect because disaster recovery docu- mentation is used to provide information on how the company can recover from an incident. Answer C is incorrect because change documentation provides information on changes that have occurred in a system. Answer D is incorrect because destruction logs are used to chronicle what data and equipment have been destroyed after the retention date has expired.