Certified Information Systems Security Professional (CISSP) — Question 111

Why would a system be structured to isolate different classes of information from one another and segregate them by user jurisdiction?

Answer options

• A. The organization is required to provide different services to various third-party organizations.
• B. The organization can avoid e-discovery processes in the event of litigation.
• C. The organization's infrastructure is clearly arranged and scope of responsibility is simplified.
• D. The organization can vary its system policies to comply with conflicting national laws.

Correct answer: D

Explanation

The correct answer is D because varying system policies allows an organization to comply with the different legal requirements of each jurisdiction it operates in. Options A, B, and C do not specifically address the need for compliance with conflicting national laws, making them less relevant to the question.