SY0-501 · Question #401
SY0-501 Question #401: Real Exam Question with Answer & Explanation
The correct answer is D: Owner. To determine the sensitivity level and classification of data, Ann should consult the data owner, as they hold the ultimate responsibility for the data's value and protection requirements.
Question
Ann is the IS manager for several new systems in which the classification of the systems' data are being decided. She is trying to determine the sensitivity level of the data being processed. Which of the following people should she consult to determine the data classification?
Options
- ASteward
- BCustodian
- CUser
- DOwner
Explanation
To determine the sensitivity level and classification of data, Ann should consult the data owner, as they hold the ultimate responsibility for the data's value and protection requirements.
Common mistakes.
- A. A data steward is primarily responsible for data quality, metadata, and defining business rules, ensuring the data is accurate and consistent, but does not typically determine its initial classification or overall sensitivity level.
- B. A data custodian (or data processor) is responsible for the technical implementation and maintenance of controls to protect the data, such as backups and access management, acting on behalf of the owner, but does not decide the data's classification.
- C. A user interacts with the data, creating or consuming it as part of their job function, and is bound by established data classification policies but is not responsible for defining those classifications.
Concept tested. Data Ownership and Classification Responsibilities
Reference. https://csrc.nist.gov/publications/detail/sp/800-18/rev-1/archive/2006-02-01
Community Discussion
No community discussion yet for this question.