ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 264 discussion

Actual exam question from ISC's CISSP
Question #: 264
Topic #: 1
[All CISSP Questions]

A Chief Information Officer (CIO) has delegated responsibility of their system security to the head of the information technology (IT) department. While corporate policy dictates that only the CIO can make decisions on the level of data protection required, technical implementation decisions are done by the head of the IT department. Which of the following BEST describes the security role filled by the head of the IT department?

  • A. System security officer
  • B. System processor
  • C. System custodian
  • D. System analyst
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Yanjun at Sept. 17, 2022, 1:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JohnyDal
Highly Voted 1 year, 8 months ago
Selected Answer: C
Implementation=custodian
upvoted 8 times
jackdryan
1 year, 5 months ago
C is correct
upvoted 3 times
...
...
s_elyon
Highly Voted 1 year, 9 months ago
Selected Answer: C
The question says "technical implementation decisions are done by the head of the IT department" The Head of IT implements decisions. Custodians implement management decisions
upvoted 5 times
evenkeel
1 year, 9 months ago
right, but they don't make decisions.
upvoted 1 times
evenkeel
1 year, 9 months ago
ok, I see your point. crap question that depends on how you interpret 'technical implementation decisions are done by'
upvoted 3 times
...
...
...
BigITGuy
Most Recent 2 weeks, 2 days ago
Selected Answer: C
Not A. System security officer is a role typically focuses on managing the security program and policies, not just the technical implementation.
upvoted 1 times
...
GPrep
9 months, 2 weeks ago
Selected Answer: A
8.2.5 Information System Security Officer The ISSO is the agency official assigned responsibility by the SAISO, authorizing official, management official, or information system owner for ensuring that the appropriate operational security posture is maintained for an information system or program. The ISSO has the following responsibilities related to system security plans: • Assisting the SAISO in identifying, implementing, and assessing the common security controls; and • Actively supporting the development and maintenance of the system security plan, to include coordinating system changes with the information system owner and assessing the security impact of those changes. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-100.pdf (pg 79)
upvoted 2 times
...
Jacobmy98
1 year, 2 months ago
Selected Answer: A
I choose A
upvoted 1 times
...
HughJassole
1 year, 4 months ago
A. System security officer A custodian holds info, as in custody: "A third-party entity that holds and safeguards a user’s private keys or digital assets on their behalf. Depending on the system, a custodian may act as an exchange and provide additional services, such as staking, lending, account recovery, or security features." https://csrc.nist.gov/glossary/term/custodian#:~:text=Definition(s)%3A,account%20recovery%2C%20or%20security%20features.
upvoted 1 times
...
rajkamal0
1 year, 9 months ago
Selected Answer: A
Answer is A System Security Officer
upvoted 2 times
...
JAckThePip
2 years ago
Answer A "Individual assigned responsibility by the senior agency information security officer, authorizing official, management official, or information system owner for ensuring that the appropriate operational security posture is maintained for an information system or program" https://csrc.nist.gov/glossary/term/information_system_security_officer
upvoted 4 times
...
matt1976
2 years ago
I agree. A. system security officer. systems security officer (SSO) show sources. CNSSI 4009-2015. Definition(s): Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.
upvoted 3 times
...
Yanjun
2 years, 1 month ago
I prefer A
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago