FITSP TESTS COMPILATION BUNDLE

800-12 correct answer: NIST Handbook (Data Security, Maint, Personnel, Physical Security) 800-92 correct answer: Guide to Computer Log Mgmt (Log Mgmt) 800-53 correct answer: Security Controls for Federal IT Systems (Log Mgmt) -18 Control Families -3 Subcategories- Management, Technical, O...

___________________________ is a part of the U.S. Department of Commerce, and it includes an Information Technology Laboratory (ITL). correct answer: NIST National Institute of Standards and Technology. What does TIC stand for? correct answer: Trusted Internet Connection What does USA Patrio...

What elements are components of an information system? correct answer: OMB Circular A-130, App III: "A system normally includes hardware, software, information, data, applications, communications, and people." What are some of the threats that the information system faces? correct answer: NIS...

this legislation requires Federal agencies to develop document and implement an agency wide information security program correct answer: Clinger-Cohen What are the six steps of the RMF correct answer: Categorize Select Implement Assess Authorize Monitor What is the term used to evaluate...

The following legislation requires federal agencies to develop, document and implement an agency-wide information security program: correct answer: FISMA The following legislation requires each agency with an Inspector General to conduct an annual evaluation of agency's information security pro...

1. What elements are components of an information system? a) Hardware and software b) Interconnected systems c) People d) All of the above correct answer: Correct answer: d) All of the above OMB Circular A-130, App ill: "A system normally includes hardware, software, information, data, applic...

HIDS/HIPS correct answer: - Host-Based, - monitors the characteristics of a single host and the events occurring within that host for suspicious activity and most commonly deployed on critical hosts such as publicly accessible servers and servers containing sensitive information - network traffic...

1. The implementation of a continuous monitoring program results in ongoing updates to all of the following documents, EXCEPT: a) Security Plan b) Security Assessment Plan c) Security Assessment Report d) Plan of Action & Milestones correct answer: Correct answer: b) Security Assessment Plan ...

NIST SP 800-53 correct answer: Its primary goal and objective is to ensure that appropriate security requirements and security controls are applied to all U.S. Federal Government information and information management systems. NIST SP 800-60 correct answer: Guide for Mapping Types of Informatio...

1. Name the reporting tool, which automates Agency FISMA reporting directly to the DHS. a) FISMA b) DHS Reporting Metrics c) Cyberscope d) Cyberstat correct answer: Correct answer: c) CyberScope. In OMB M-10-15, CyberScope was designated as the reporting tool for FISMA reporting. Incorr...

What elements are components of an information system? correct answer: OMB Circular A-130, App III: "A system normally includes hardware, software, information, data, applications, communications, and people." What are some of the threats that the information system faces? correct answer: NIS...

1. An assessment object for each security control, which identifies the specific control items being assessed and testing techniques, can be found in which document? a) NIST Special Publication 800-37 Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems b) ...

1. All of the following are considered remote access, EXCEPT: a) Dial-up b) Broadband c) VPN d) Wireless correct answer: Correct answer: c) VPN NIST SP 800-53r4, Control AC-17, Supplemental Guidance states: "Remote access methods include, for example, dial-up, broadband, and wireless. Org...

1. What is defined as a simulation of an emergency designed to validate the viability of one or more aspects of an ISCP? a) ISCP Test b) ISCP Exercise c) ISCP Training d) ISCP Drill correct answer: Correct answer: b) ISCP Exercise NIST SP 800-34rl, Paragraph 3.5.3 states: "An exercise is ...