Suggested Answer:C🗳️
The Data/Information Owner is ultimately responsible for the protection of the data. It is the Data/Information Owner that decides upon the classifications of that data they are responsible for. The data owner decides upon the classification of the data he is responsible for and alters that classification if the business need arises. The following answers are incorrect: Security Administrator. Is incorrect because this individual is responsible for ensuring that the access right granted are correct and support the polices and directives that the Data/Information Owner defines. User. Is Incorrect because the user uses/access the data according to how the Data/Information Owner defined their access. Auditor. Is incorrect because the Auditor is responsible for ensuring that the access levels are appropriate. The Auditor would verify that the Owner classified the data properly.
References: CISSP All In One Third Edition, Shon Harris, Page 121
I remember this from someone in the Sec+ discussion section: Remember the "Owner is Classy"
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
e098e9c
7 months, 3 weeks ago