DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability?
You work as a system engineer for BlueWell Inc. You want to verify that the build meets its data requirements, and correctly generates each expected display and report. Which of the following tests will help you to perform the above task?
Which of the following memorandums directs the Departments and Agencies to post clear privacy policies on World Wide Web sites, and provides guidance for doing it?
Which of the following acts is used to recognize the importance of information security to the economic and national security interests of the United States?
Which of the following laws is the first to implement penalties for the creator of viruses, worms, and other types of malicious code that causes harm to the computer systems?
Which of the following acts is endorsed to provide a clear statement of the proscribed activity concerning computers to the law enforcement community, those who own and operate computers, and those tempted to commit crimes by unauthorized access to computers?
Which of the following terms describes the security of an information system against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users or the provision of service to unauthorized users?
Which of the following policies describes the national policy on the secure electronic messaging service?
Which of the following is the application of statistical methods to the monitoring and control of a process to ensure that it operates at its full potential to produce conforming product?
Which of the following NIST documents describes that minimizing negative impact on an organization and a need for sound basis in decision making are the fundamental reasons organizations implement a risk management process for their IT systems?
Which of the following DoD policies establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels?
Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting classified information?
Which of the following individuals reviews and approves project deliverables from a QA perspective?
Which of the following individuals informs all C&A participants about life cycle actions, security requirements, and documented user needs?
Which of the following organizations assists the President in overseeing the preparation of the federal budget and to supervise its administration in Executive Branch agencies?
Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?
Which of the following certification levels requires the completion of the minimum security checklist and more in-depth, independent analysis?
Which of the following elements are described by the functional requirements task? Each correct answer represents a complete solution. Choose all that apply.
Certification and Accreditation (C&A or CnA) is a process for implementing information security. Which of the following is the correct order of C&A phases in a DITSCAP assessment?
Which of the following is a document, usually in the form of a table, that correlates any two baseline documents that require a many-to-many relationship to determine the completeness of the relationship?
Which of the following types of CNSS issuances describes how to implement the policy or prescribes the manner of a policy?
Which of the following assessment methodologies defines a six-step technical security evaluation?
Which of the following terms describes the measures that protect and support information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?
FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels shows limited adverse effects on organizational operations, organizational assets, or individuals?
An Authorizing Official plays the role of an approver. What are the responsibilities of an Authorizing Official? Each correct answer represents a complete solution. Choose all that apply.
Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting sensitive, unclassified information in the systems as stated in Section 2315 of Title 10, United States Code?
Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted as a Federal Information Processing Standard?
Fill in the blank with an appropriate section name. _________________ is a section of the SEMP template, which specifies the methods and reasoning planned to build the requisite trade-offs between functionality, performance, cost, and risk.
You work as a security engineer for BlueWell Inc. According to you, which of the following statements determines the main focus of the ISSE process?
Which of the following cooperative programs carried out by NIST conducts research to advance the nation's technology infrastructure?
Which of the following approaches can be used to build a security program? Each correct answer represents a complete solution. Choose all that apply.
Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?