Swift Customer Security Programme Assessor Certification(CSPAC) CSP-Assessor Question # 20 Topic 3 Discussion

CSP-Assessor Exam Topic 3 Question 20 Discussion:

Question #: 20

Topic #: 3

Which operator session flows are expected to be protected in terms of confidentiality and integrity? (Select the correct answer)
•Swift Customer Security Controls Policy
•Swift Customer Security Controls Framework v2025
•Independent Assessment Framework
•Independent Assessment Process for Assessors Guidelines
•Independent Assessment Framework - High-Level Test Plan Guidelines
•Outsourcing Agents - Security Requirements Baseline v2025
•CSP Architecture Type - Decision tree
•CSP_controls_matrix_and_high_test_plan_2025
•Assessment template for Mandatory controls
•Assessment template for Advisory controls
•CSCF Assessment Completion Letter
•Swift_CSP_Assessment_Report_Template

System administrator sessions towards a host running a SWIFT-related component (on-premises or remote)

All sessions to and from a jump server used to access a component in a secure zone

All sessions towards a SWIFT-related application run by an Outsourcing Agent, a Service Bureau, or an L2BA Provider

All of the other answers are valid

Get Premium CSP-Assessor Questions

Explanation

The CSCF requires protection of operator session flows to ensure confidentiality and integrity, particularly for sessions involving SWIFT-related components. This is addressed under Control "2.1 Internal Data Transmission Security" and "2.2 External Transmission Security." Let’s evaluate each option:

•Option A: System administrator sessions towards a host running a SWIFT-related component (on-premises or remote)

This is valid. System administrator sessions to hosts running SWIFT components (e.g., Alliance Gateway on-premises or in the cloud) must be protected using encryption (e.g., TLS) and authentication to prevent unauthorized access or data breaches, aligning with CSCF Control "2.1."

•Option B: All sessions to and from a jump server used to access a component in a secure zone

This is valid. Jump servers (bastion hosts) used to access the secure zone (e.g., for managing Alliance Access) must have all sessions encrypted and integrity-checked, as required by CSCF Control "1.1 SWIFT Environment Protection" and "2.2" to secure access points.

•Option C: All sessions towards a SWIFT-related application run by an Outsourcing Agent, a Service Bureau, or an L2BA Provider

This is valid. Sessions to applications hosted by third parties (e.g., Alliance Lite2 Business Application by an L2BA Provider) must be protected, as per CSCF Control "2.2" and the "Outsourcing Agents - Security Requirements Baseline v2025," which mandates secure transmission regardless of location.

•Option D: All of the other answers are valid

This is correct. Since A, B, and C all describe session flows that require protection under the CSCF, the comprehensive answer is that all listed session types must be secured for confidentiality and integrity.

Summary of Correct Answer:

All operator session flows listed (A, B, and C) are expected to be protected, making D the correct choice.

References to SWIFT Customer Security Programme Documents:

•Swift Customer Security Controls Framework v2025: Controls 2.1 and 2.2 mandate session protection.

•Outsourcing Agents - Security Requirements Baseline v2025: Extends protection to third-party-hosted applications.

•CSP_controls_matrix_and_high_test_plan_2025: Includes all listed session types in security testing.

========

Actual exam question for Swift CSP-Assessor exam by Zane6581 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Swift Customer Security Programme Assessor Certification(CSPAC) CSP-Assessor Question # 20 Topic 3 Discussion

Swift Customer Security Programme Assessor Certification(CSPAC) CSP-Assessor Question # 20 Topic 3 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval