Fitsp m - Study guides, Class notes & Summaries

FITSP-Auditor Exam Questions and Answers HSPD12 - Answer ️️ -Policy for CAC and PIV (smartcards) FIPS 201-1 - Answer ️️ -Implementation for smartcards OMB M-04-04 - Answer ️️ -E-Authentication Guidance for Federal Agencies SP 800-63 - Answer ️️ -E-Authentication Guideline; may play a part in remote access to a system. E-Authentication Level 1 - Answer ️️ -No Identity Proofing E-Authentication Level 2 - Answer ️️ -Single-Factor Authentication, Identity Proofing Req...

QA from FITSP - Manager, Next Generation Exam (Graded A) The following legislation requires federal agencies to develop, document and implement an agency-wide information security program: - Answer ️️ -FISMA The following legislation requires each agency with an Inspector General to conduct an annual evaluation of agency's information security program, or to appoint an independent external auditor, to conduct the evaluation on their behalf - Answer ️️ -E-Government Act of 2002, S...

FITSP-A Module 7 question with complete solution graded A+ 20231. Name the reporting tool, which automates Agency FISMA reporting directly to the DHS. a) FISMA b) DHS Reporting Metrics c) Cyberscope d) Cyberstat - correct answer Correct answer: c) CyberScope. In OMB M-10-15, CyberScope was designated as the reporting tool for FISMA reporting. Incorrect answers: a) FISMA requires the reports; b) DHS Reporting Metrics indicate what must be reported; d) CyberStat refers to OMB's review...

this legislation requires Federal agencies to develop document and implement an agency wide information security program - ANS - Clinger-Cohen What are the six steps of the RMF - ANS - Categorize Select Implement Assess Authorize Monitor What is the term used to evaluate operational information systems against the RMF, to determine the security controls in place and the requirements to mitigate risk at a acceptable level? - ANS - Gap Anaylsis What is the legal precedence - ANS - Consi...

FITSP-Auditor Exam Questions and Answers HSPD12 - Answer ️️ -Policy for CAC and PIV (smartcards) FIPS 201-1 - Answer ️️ -Implementation for smartcards OMB M-04-04 - Answer ️️ -E-Authentication Guidance for Federal Agencies SP 800-63 - Answer ️️ -E-Authentication Guideline; may play a part in remote access to a system. E-Authentication Level 1 - Answer ️️ -No Identity Proofing E-Authentication Level 2 - Answer ️️ -Single-Factor Authentication, Identity Proofing Req...

FITSP-A Module 5 Exam Questions and Answers 1. An assessment object for each security control, which identifies the specific control items being assessed and testing techniques, can be found in which document? a) NIST Special Publication 800-37 Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems b) NIST Special Publication 800-53 Revision 4, Recommended Security Controls for Federal Information Systems and Organizations c) NIST Special Publication 8...

800-12 - Answer- NIST Handbook (Data Security, Maint, Personnel, Physical Security) 800-92 - Answer- Guide to Computer Log Mgmt (Log Mgmt) 800-53 - Answer- Security Controls for Federal IT Systems (Log Mgmt) -18 Control Families -3 Subcategories- Management, Technical, Operational -LOW, MEDIUM, HIGH 800-66 - Answer- Intro to Resource Guide for HIPPA (Log Mgmt) (RMF) 800-16 - Answer- IT Security Training Requirements roll and performance based. 800-50 - Answer- Building IT Secu...

FITSP-M Terms

HIDS/HIPS correct answer: - Host-Based, - monitors the characteristics of a single host and the events occurring within that host for suspicious activity and most commonly deployed on critical hosts such as publicly accessible servers and servers containing sensitive information - network traffic (only for that host), system logs, running processes, application activity, file access and modification, and system and application configuration changes. NIST SP 800-60, Rev 1 correct answer: S...

FITSP - Auditor Questions and answers 2023The following legislation requires federal agencies to establish capital planning and investment control policies and procedures when procuring information technology: a) E-Government Act of 2002 b) Federal Information Security Management Act (FISMA) c) Government Information Security Reform Act (GISRA) d) Clinger-Cohen Act Clinger-Cohen Act The following legislation requires federal agencies to appoint a Chief Information Officer: a) E-Gove...