CISSP Question #1178: Real Exam Question with Answer & Explanation
The correct answer is B: Gramm-Leach-Bliley Act (GLBA).
Question
Which of the following protects personally identifiable information (PII) used by financial services organizations?
Options
- A. National Institute of Standards and Technology (NIST) SP 800-53
- B. Gramm-Leach-Bliley Act (GLBA)
- C. Payment Card Industry Data Security Standard (PCI-DSS)
- D. Health Insurance Portability and Accountability Act (HIPAA)
Explanation
The Gramm-Leach-Bliley Act (GLBA) is a U.S. federal law specifically enacted to protect the personal financial information of consumers held by financial institutions. It mandates how financial organizations must safeguard and disclose customers' PII.
Common mistakes
- A. NIST SP 800-53 is a catalog of security and privacy controls for federal information systems and organizations, not a law or regulation specifically targeting PII protection in financial services.
- C. PCI-DSS is a security standard focused on protecting payment card data (cardholder data) during transactions, not broadly protecting PII held by financial services organizations.
- D. HIPAA is a U.S. federal law that protects the privacy and security of individuals' medical and health information, and applies to healthcare entities, not financial services organizations.
Concept tested: Regulatory compliance frameworks protecting financial sector PII
Reference: https://www.ftc.gov/business-guidance/privacy-security/gramm-leach-bliley-act