FITSP - Auditor Questions & Answers Solved 100% Correct!!

Preview 4 out of 92  pages

  • September 8, 2024
  • 92
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
stuuviaa
Name: Score:


258 Multiple choice questions

Term 1 of 258
What are two types of authorization decisions that can be rendered by authorizing officials?

Accept/Deny

Allow/Denial

Authorize/Denial

Access/Type

Term 2 of 258
To facilitate effective implementation of OMB capital planning and NIST security requirements, the
Government Accountability Office (GAO) offers which investment
life-cycle model as a best practices approach to investment management?

Assess—Respond—Monitor


Initiate-Develop-Assess

Select—Control—Evaluate

Identify—Prioritize—Remediate

Term 3 of 258
What are the two most important factors in choosing a security control assessor?

Independence/Expertise


Trustworthiness/Experience

Expertise/Trustworthiness


Experience/Independence

Term 4 of 258
What is defined as an identifiable part of a system (e.g., hardware, software, firmware,
documentation, or a combination thereof) that is a discrete target of configuration control
processes?

Configuration Item

Compensating control


Business Reference Model

FIPS 197

Term 5 of 258
Which VPN technologies are approved for use by Federal agencies?

IPSec, SSL/TLS (but not SSLv3)

Frame Risk, Assess Risk, Respond to Risk, Monitor Risk (FARM)


Common, System-Specific, Hybrid

Risk Executive (Function)

Term 6 of 258
The following OMB memo announced implementation of commonly accepted security
configurations for Windows operating systems.

M-07-18

M-09-32

M-10-28

M-07-11

Term 7 of 258
Which e-authentication level, described in Special Publication 800-63, requires multifactor
authentication and the use of a hard token?

True

Level 4


SISO, AO

Risk Executive (Function)

Term 8 of 258
Teleworking from an employee's residence is covered under the Alternate Work Site security
control. True or False?

True

False

Term 9 of 258
What is a term used to describe a body of evidence, organized into an argument, demonstrating
that some claim about an information system is assured?

All of the above

Assurance case

VLAN/Cold


Common Controls

Term 10 of 258
In the sanitization guidelines of NIST SP 800-88, what is the recommended disposal method for
paper-based medical records containing sensitive PII?

Classified Recycling Bin

Purge

Controlled Refuse Area

Cross-cut shredders

Term 11 of 258
Which phase of the System Development Life Cycle is least likely to require assessment of
controls?

Disposal

Operation and Maintenance

Development/Acquisition

Initiation

Term 12 of 258
When would you use a gap analysis in the RMF process?

When applying security to a legacy system

When there is an "air gap" in the system connection to the network

When there is a significant time gap between design and implementation

When the Authorizing Official billet is vacant for an extended time
