Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CCSP All Questions

View all questions & answers for the CCSP exam
Go to Exam

Exam CCSP topic 1 question 346 discussion

Actual exam question from ISC's CCSP
Question #: 346
Topic #: 1
[All CCSP Questions]

Above and beyond general regulations for data privacy and protection, certain types of data are subjected to more rigorous regulations and oversight.
Which of the following is not a regulatory framework for more sensitive or specialized data?

  • A. FIPS 140-2
  • B. FedRAMP
  • C. PCI DSS
  • D. HIPAA
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
The FIPS 140-2 standard pertains to the certification of cryptographic modules and is not a regulatory framework. The Payment Card Industry Data Security
Standard (PCI DSS), the Federal Risk and Authorization Management Program (FedRAMP), and the Health Insurance Portability and Accountability Act (HIPAA) are all regulatory frameworks for sensitive or specialized data.
by kjjcraigskel at Oct. 8, 2020, 3:51 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
theyetifollowsme
Highly Voted 4 years ago
The question is concerned with "data" and FIPS 140-2 is a standard that pertains to cryptographic "modules" and not data.
upvoted 9 times
...
cloudenthusiast
Most Recent 8 months, 3 weeks ago
Selected Answer: A
FIPS 140-2 is a certification standard for cryptographic module and it is not a framework.
upvoted 1 times
...
joeee7
1 year, 4 months ago
FedRAMP.
upvoted 1 times
...
Pika26
1 year, 6 months ago
Selected Answer: C
C: PCI DSS
upvoted 2 times
...
DA95
1 year, 11 months ago
The correct answer is B. FedRAMP. FedRAMP, or the Federal Risk and Authorization Management Program, is not a regulatory framework for specialized data. Rather, it is a program run by the U.S. government that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used by federal agencies. The other three options, FIPS 140-2, PCI DSS, and HIPAA, are all regulatory frameworks that provide specific guidelines and requirements for the handling of sensitive or specialized data.
upvoted 1 times
...
akg001
2 years, 6 months ago
Selected Answer: A
A. FIPS 140-2
upvoted 1 times
...
[Removed]
2 years, 10 months ago
Answer C. "Which of the following is not a regulatory framework for more sensitive or specialized data?" FIPS 140-2 is not a framework at all, its a guidelines so I guess it gets ruled out from the options itself as the question is asking to rule out the Framework specifically.
upvoted 1 times
...
babusartop17
3 years, 5 months ago
This is the 2nd time they've done it. Choose two should be the case here both PCI-DSS and FIPS are not regulatory framework. I think the Question maker was clearly high on something and I want to know "on what"?
upvoted 3 times
AWSPro24
2 years, 11 months ago
I could not agree more. I recently passed the CISSP and now doing this one and I also happen to have been involved in test development at one point in my career. All of the questions on these exams read as though they gave a random person who does not work i technology a set of source and said "write questions", it is as if the authors are completely context ignorant.
upvoted 1 times
...
...
NobleGiantz
3 years, 9 months ago
A is correct
upvoted 3 times
...
kjjcraigskel
4 years, 1 month ago
PCI DSS is not a regulatory requirement
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel