FITSP-M Terms Questions and Answers

800-12 - Answer- NIST Handbook (Data Security, Maint, Personnel, Physical Security) 800-92 - Answer- Guide to Computer Log Mgmt (Log Mgmt) 800-53 - Answer- Security Controls for Federal IT Systems (Log Mgmt) -18 Control Families -3 Subcategories- Management, Technical, Operational -LOW, MEDIUM, HIGH 800-66 - Answer- Intro to Resource Guide for HIPPA (Log Mgmt) (RMF) 800-16 - Answer- IT Security Training Requirements roll and performance based. 800-50 - Answer- Building IT Security Awareness Training (Awareness) 800-34 - Answer- -Contingency Planning Guide for IT systems (Contingency Planning) (RMF) -BIA Types- Client/Server, Telecom Systems, Mainframe Contingency Planning - Answer- 7 Steps -Develop Policy Statement -Conduct BIA -I.D. Preventive Controls -Create Contingency Strategies -Develop I.S. Contingency Plan -Ensure to Plan, Test, Train -Maintenance FIPS 199 - Answer- -Standards for Security Categorization of Federal IT Systems (Contingency Planning) (RMF) -CIA -Low, Medium, High 800-60 Rev1 - Answer- Guide for Mapping types of information and Information Systems (Data Security) 800-61 - Answer- Computer Security Incident Handling Guide 800-88 - Answer- Sanitization Guidelines 800-18 - Answer- Guide for Developing Security Plans for Federal IT Systems (RMF) Risk Management Framework - Answer- -Categorize -Select Security Controls -Implement -Assess -Authorize -Monitor 800-37 Rev 1 - Answer- Guide to Apply Risk Management Framework Assess-Controls are correct, operate, meeting requirement Authorize-Determine if Risk is Acceptable 800-13 - Answer- Telecomm Security Guidelines for Telecom Mgmt Network 800-14 - Answer- Generally Accepted Principles and Practices for securing IT Systems 800-27 - Answer- Engineering Principles for IT Security (Security Baseline) 800-33 - Answer- Technical Models for IT Security 800-35 - Answer- Guide to IT Security services 800-64 - Answer- Considerations in SDLC 800-65 - Answer- Integrating IT security into Capitol Planning and Investments 800-100 - Answer- Information Security Handbook and Guide for Managers 800-41 - Answer- Firewalls and Policy (FITSI) 800-45 - Answer- E-mail (FITSI) 800-55 - Answer- Performance Measuring for Information Systems (FITSI) 800-77 - Answer- IPSEC VPN's (FITSI) 800-84 - Answer- Test, Train, Exercise Program (FITSI) 800-113 - Answer- SSL VPN (FITSI) FIPS 201-1 - Answer- PIV I Control, Security HSPD-12 II Technical HSPD 12 NIST 800-78 FIPS 200 - Answer- Minimum Security requirements (800-53) (RMF) FIPS 198-1 - Answer- HMAC (180-3) FIPS 197 - Answer- AES Symmetric 128, 192, 256 FIPS 196 - Answer- PKE Two Challenge Response Authentication FIPS 191 - Answer- LAN Security FIPS 190 - Answer- Advanced Authentication Tech Alt (Kerberos) FIPS 188 - Answer- Information Transfer Access Control Protective Measures Handling Restrictions FIPS 186-3 - Answer- Digital Signatures (DSA, RSA, ECDSA) FIPS 185 - Answer- Escrowed Encryption Standard SKIPJACK LEAF FIPS 181 - Answer- Automated Password Generator FIPS 180-3 - Answer- SHS (SHA1) 224, 256. 384, 512 FIPS 140-2 - Answer- Crypto Modules 4 Levels