When gathering information for embarkables, what two types of data should be collected?

When gathering information for embarkables, focusing on assets and users is essential because these are the critical components that provide a clear picture of the operational environment in which security measures must be applied.

Assets refer to the tangible and intangible resources that an organization relies on, including hardware, software, data, and any other elements that are critical to the business operation and needs protection. Understanding the assets enables a technician to identify what needs to be secured and prioritized in terms of vulnerability management and risk assessment.

Users are equally important since they represent the human element of cybersecurity. Knowing who has access to various systems and data helps in understanding potential risks, including insider threats, user privileges, and the need for access controls. Additionally, it allows for implementing necessary training and awareness programs tailored to user behavior and risks.

Collecting information on assets and users together leads to a comprehensive understanding of the organization's security posture, allowing for more effective strategies in safeguarding against vulnerabilities.