ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 264 discussion

Actual exam question from ISC's CISSP
Question #: 264
Topic #: 1
[All CISSP Questions]

A Chief Information Officer (CIO) has delegated responsibility of their system security to the head of the information technology (IT) department. While corporate policy dictates that only the CIO can make decisions on the level of data protection required, technical implementation decisions are done by the head of the IT department. Which of the following BEST describes the security role filled by the head of the IT department?

  • A. System security officer
  • B. System processor
  • C. System custodian
  • D. System analyst
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Yanjun at Sept. 17, 2022, 1:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JohnyDal
Highly Voted 2 years ago
Selected Answer: C
Implementation=custodian
upvoted 10 times
jackdryan
1 year, 9 months ago
C is correct
upvoted 3 times
...
...
s_elyon
Highly Voted 2 years, 1 month ago
Selected Answer: C
The question says "technical implementation decisions are done by the head of the IT department" The Head of IT implements decisions. Custodians implement management decisions
upvoted 5 times
evenkeel
2 years, 1 month ago
right, but they don't make decisions.
upvoted 1 times
evenkeel
2 years, 1 month ago
ok, I see your point. crap question that depends on how you interpret 'technical implementation decisions are done by'
upvoted 3 times
...
...
...
c544a39
Most Recent 3 weeks, 4 days ago
Selected Answer: A
The answer is A (System security officer). The question specifically asks "Which of the following BEST describes the SECURITY ROLE filled by the head of the IT department?". System custodian itself is NOT a security role. System security officer is.
upvoted 1 times
...
BigITGuy
4 months, 2 weeks ago
Selected Answer: C
Not A. System security officer is a role typically focuses on managing the security program and policies, not just the technical implementation.
upvoted 1 times
...
GPrep
1 year, 1 month ago
Selected Answer: A
8.2.5 Information System Security Officer The ISSO is the agency official assigned responsibility by the SAISO, authorizing official, management official, or information system owner for ensuring that the appropriate operational security posture is maintained for an information system or program. The ISSO has the following responsibilities related to system security plans: • Assisting the SAISO in identifying, implementing, and assessing the common security controls; and • Actively supporting the development and maintenance of the system security plan, to include coordinating system changes with the information system owner and assessing the security impact of those changes. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-100.pdf (pg 79)
upvoted 2 times
...
Jacobmy98
1 year, 6 months ago
Selected Answer: A
I choose A
upvoted 1 times
...
HughJassole
1 year, 8 months ago
A. System security officer A custodian holds info, as in custody: "A third-party entity that holds and safeguards a user’s private keys or digital assets on their behalf. Depending on the system, a custodian may act as an exchange and provide additional services, such as staking, lending, account recovery, or security features." https://csrc.nist.gov/glossary/term/custodian#:~:text=Definition(s)%3A,account%20recovery%2C%20or%20security%20features.
upvoted 1 times
...
rajkamal0
2 years, 1 month ago
Selected Answer: A
Answer is A System Security Officer
upvoted 2 times
...
JAckThePip
2 years, 4 months ago
Answer A "Individual assigned responsibility by the senior agency information security officer, authorizing official, management official, or information system owner for ensuring that the appropriate operational security posture is maintained for an information system or program" https://csrc.nist.gov/glossary/term/information_system_security_officer
upvoted 4 times
...
matt1976
2 years, 5 months ago
I agree. A. system security officer. systems security officer (SSO) show sources. CNSSI 4009-2015. Definition(s): Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program.
upvoted 3 times
...
Yanjun
2 years, 5 months ago
I prefer A
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel