FITSP-MANAGER EXAM QUESTIONS AND ANSWERS
this legislation requires Federal agencies to develop document and implement an agency wide
information security program - Answer ️️ -Clinger-Cohen
What are the six steps of the RMF - Answer ️️ -Categorize
Select
Implement
Assess
Authorize
Mo...
this legislation requires Federal agencies to develop document and implement an agency wide
information security program - Answer ✔️✔️-Clinger-Cohen
What are the six steps of the RMF - Answer ✔️✔️-Categorize
Select
Implement
Assess
Authorize
Monitor
What is the term used to evaluate operational information systems against the RMF, to determine
the security controls in place and the requirements to mitigate risk at a acceptable level? -
Answer ✔️✔️-Gap Anaylsis
What is the legal precedence - Answer ✔️✔️-Consitution
Public Law
Executive Orders/Presidential Directives
Processing Standards
Agency Regulations
State / Local Laws
Industry Standards
What is the Privacy Act - 1974 four basic policy objectives? - Answer ✔️✔️-Restict disclosure
Increased rights of access to agency records
Grant individuals the rights to seek amendment
Establish a code of fair information practices
What is the purpose of Computer Fraud and Abuse Act (CFAA) - 1986? - Answer ✔️✔️-Intended
to reduce cracking of computer systems and to address Federal computer-related offenses.
Governs case with a compelling Federal interest.
,What computer in theory are covered by the CFAA and defined as protected computers? -
Answer ✔️✔️-Exclusively used by a financial institution or the US goverment, or any computer
when the conduct constituting the offense affect the computer use by or for the financial
institution or the goverement
Used in or affecting interstate or foreign commerce or communication, including a computer
located outside the US.
What does the Electronic Communications Privacy Act of 1986 (ECPA) restrict, prohibit and
permit? - Answer ✔️✔️-Restict wire taps from telephone call to include transmissions of
electronic data by computer
Prohibit access to store electronic communications
Permits the tracing of telephone communications
What superseded the Computer Security Act of 1987? - Answer ✔️✔️-FISMA of 2002
Why was the the Computer Security Act - 1987 passed? - Answer ✔️✔️-To improved the security
and privacy of sensitive information in Federal systems, and to establish a minimum acceptable
security practices for such systems.
What does the Computer Security Act - 1987 assign, require and mandate. - Answer ✔️✔️-
Assigned NIST formerly know as National Bureau of Standards) to develop standard of
minumum acceptable practices with help of the NSA
Required the establishment of security policies of Federal computer system that contain sensitive
information
Mandated security awareness training for Federal employees that use those systems
What's another name for the Information Technology Managment Reform Act - 1996? - Answer
✔️✔️-Clinger-Cohen Act
What did the Clinger-Cohen Act do? - Answer ✔️✔️-Implemented the Capital Planning
Investment Control (CPIC) IT budget planning process
Granted OMB authority to oversee the acquisition,use,and disposal of IT by the Federal
Goverment
,Established CIO positions in every department and agency in the Federal Goverment
Established the CIO council with 28 major agencies and OMB
Defined and IT architecture (ITA) for evolving and acquiring IT
What is the "at risk" category under Clinger-Cohen act supported by OMB? - Answer ✔️✔️-OMB
grades IT projects and funds accordingly - the "at risk" category indicates. "This risk of not
receiving initial or continued funding for the project.
What was the first official public declaration of what constitues a National Security System? -
Answer ✔️✔️-Clinger-Cohen Act (CCA)
According to the CCA, what is considered a National Security System (NSS)? - Answer ✔️✔️-If
the system in involved the following
Involves intelligence activities
Involves cryptologic activities related to national security
Involves command and controls of military forces
Involves equipment that is an integral part of a weapon or weapons system
Is critical to the direct fulfillment of milatary or intelligence mission
What is Goverment Information Security Reform Act (GISRA) 2000 - Answer ✔️✔️-The
Government Information Security Reform Act (formerly known as the Thompson-Liebermann
Act) is a federal law that required U.S. government agencies to implement an information
security program that includes planning, assessment and protection. It was enacted in 2000 and
replaced by the Federal Information Security Management Act (FISMA) in 2002
What is a National Security Letter? - Answer ✔️✔️-An NSL is a demand letter issued to a
particular entity or organization to turn over various records and data pertaining to individuals.
What is the USA Patriot Act full title? - Answer ✔️✔️-The USA PATRIOT Act is an Act of
Congress that was signed into law by President George W. Bush on October 26, 2001.[1] With
its ten-letter abbreviation (USA PATRIOT) expanded, the full title is "Uniting and Strengthening
America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of
2001".
What does E-Goverment Act of 2002 accomplish? - Answer ✔️✔️-Establish a Federal CIO within
OMB
Areas of E-Gov:
-Capital planning and investment control for information technology
-Development of enterprise architectures (FEA)
, -Information Security (Title III) - aka FISMA
-Access to goverment infomation
Establish CIO counsel in the Executive Branch
What is FISMA? - Answer ✔️✔️-Title III of E-Gov Act 2002
Requires each federal agency to implement an information security program
Reports annually to OMB on:
-Adequacy of security program
-Adequacy of plans and reports relating to annual budgets
-Significant deficiency
Continuously evolving
What is HITECH? - Answer ✔️✔️-The Health Information Technology for Economic and Clinical
Health Act (HITECH Act) mandates audits of health care providers to investigate and determine
if they are in compliance with the HIPAA Privacy Rule (effective in 2003) and Security Rule
(effective in 2005). It's part of ARRA in 2009.
What is COPPA? - Answer ✔️✔️-The Children's Online Privacy Protection Act (COPPA) is a law
created to protect the privacy of children under 13. The Act was passed by the U.S. Congress in
1998 and took effect in April 2000. COPPA is managed by the Federal Trade Commission
(FTC).
What is the Economic Espionage Act (EEA) 1998 - Answer ✔️✔️-The Economic Espionage Act
of 1996 (EEA), 18 U.S.C. §§ 1831-1839, defines the term "economic espionage" as the theft or
misappropriation of a trade secret with the intent or knowledge that the offense will benefit any
foreign government, foreign instrumentality, or foreign agent.
What is the purpose Office of Management and Budget Circular A-11 - Answer ✔️✔️-Preparation,
Submission and Execution of the Budget, June 2008.
What is the purpose Office of Management and Budget Circular A-123 - Answer ✔️✔️-
Management's Responsibility for Enterprise Risk Management and Internal Control (Revised
07/15/2016)
What is the purpose Office of Management and Budget Circular A-127-Revised - Answer ✔️✔️-
OMB Circular A-127 prescribes policies and standards for executive departments and agencies
to follow when managing their financial management systems January 2009
What does OMB Memorandum provide? - Answer ✔️✔️-General Guidance
Reporting Guidance
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller BrittieDonald. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.
