nerdexam
(ISC)2

CISSP-ISSEP · Question #171

Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system?

The correct answer is A. Data security requirement. Data security requirement (Option A) is correct because this element of Registration Task 5 explicitly captures the classification, sensitivity, and category of data the system processes - for example, whether it handles classified information, PII, or controlled unclassified inf

Security Planning and Design

Question

Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system?

Options

  • AData security requirement
  • BNetwork connection rule
  • CApplicable instruction or directive
  • DSecurity concept of operation

How the community answered

(33 responses)
  • A
    91% (30)
  • B
    6% (2)
  • C
    3% (1)

Explanation

Data security requirement (Option A) is correct because this element of Registration Task 5 explicitly captures the classification, sensitivity, and category of data the system processes - for example, whether it handles classified information, PII, or controlled unclassified information. It's the only element directly tied to characterizing the data itself.

Option B (Network connection rule) is wrong because it governs how the system connects to networks - addressing connectivity and interface requirements, not the nature of the data being processed.

Option C (Applicable instruction or directive) is wrong because it identifies the governing policies, regulations, or DoD directives that apply to the system - it's about legal/policy authority, not data classification.

Option D (Security concept of operation) is wrong because it describes how security will be implemented and managed operationally - a narrative of security posture, not a definition of data type.

Memory tip: Link "Data security requirement" → "Data description." If the question asks what defines the data, the answer must contain the word Data - only Option A does.

Topics

#Data Classification#System Security Requirements#Security Planning#Information Security Management

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSEP Practice