exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam

Exam CISSP topic 1 question 118 discussion

Actual exam question from ISC's CISSP
Question #: 118
Topic #: 1
[All CISSP Questions]

Which of the following criteria ensures information is protected relative to its importance to the organization?

  • A. Legal requirements, value, criticality, and sensitivity to unauthorized disclosure or modification
  • B. The value of the data to the organization's senior management
  • C. Organizational stakeholders, with classification approved by the management board
  • D. Legal requirements determined by the organization headquarters' location
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
JAckThePip
Highly Voted 2 years, 2 months ago
Answer is A "Information must be classified in terms of legal requirements, value, criticality and sensitivity to any unauthorised disclosure or modification, ideally classified to reflect business activity rather than inhibit or complicate" https://www.isms.online/iso-27001/annex-a-8-asset-management/
upvoted 10 times
jackdryan
1 year, 7 months ago
A is correct
upvoted 2 times
...
...
CuteRabbit168
Highly Voted 2 years, 3 months ago
Selected Answer: A
A data classification identifies the value of the data to the organization and is critical to protect data confidentiality and integrity.
upvoted 7 times
...
Ramye
Most Recent 6 months ago
Selected Answer: B
Organization’s senior management decides the value of the data and we have to protect those accordingly. We do not secure and put controls without senior managements’ input.
upvoted 1 times
Ramye
6 months ago
On a second thought, I think C is more important than B. Stakeholders (business owners) are the data owners and their input is most important.
upvoted 1 times
...
...
georgegeorge125487
1 year, 4 months ago
Selected Answer: C
Information is protected as a result of management decision, not because you identify criteria to classify information.
upvoted 1 times
...
Bach1968
1 year, 5 months ago
Selected Answer: A
A. Legal requirements, value, criticality, and sensitivity to unauthorized disclosure or modification. Ensuring that information is protected relative to its importance to the organization involves considering several criteria. Legal requirements, such as data protection laws and industry regulations, provide a baseline for protecting sensitive information.
upvoted 1 times
...
HughJassole
1 year, 6 months ago
A. It's all encompassing.
upvoted 1 times
...
xxxBadManxxx
1 year, 6 months ago
c is the correct ans
upvoted 1 times
...
somkiatr
1 year, 12 months ago
Selected Answer: A
Just eliminated B,C, and D then chose A.
upvoted 1 times
...
[Removed]
2 years, 2 months ago
A all day baby!
upvoted 1 times
...
Cww1
2 years, 3 months ago
agree with A
upvoted 2 times
...
gooftroop
2 years, 3 months ago
C. Organizational stakeholders, with classification approved by the management board
upvoted 1 times
Rollizo
2 years, 2 months ago
really it is A, because you need first to classify for the stakeholders take the decision
upvoted 2 times
Ramye
7 months, 1 week ago
This is exactly what my thinking. Information needs to be protected according to organization’s needs and not just because we want to.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago