this legislation requires Federal agencies to develop document and implement an agency wide information security program - ANSWER Clinger-Cohen
What are the six steps of the RMF - ANSWER Categorize
Select
Implement
Assess
Authorize
Monitor
What is the term used to evaluate operational in...
this legislation requires federal agencies to deve
what are the six steps of the rmf answer categor
Written for
FITSP-Auditor
FITSP-Auditor
Seller
Follow
shantelleG
Reviews received
Content preview
FITSP-MANAGER
CORRECT QUESTIONS
& ANSWERS(2024
LATEST
UPDATE )CORRECT
100%
this legislation requires Federal agencies to develop document and implement an agency wide
information security program - ANSWER Clinger-Cohen
What are the six steps of the RMF - ANSWER Categorize
Select
Implement
Assess
Authorize
Monitor
,What is the term used to evaluate operational information systems against the RMF, to determine the
security controls in place and the requirements to mitigate risk at a acceptable level? - ANSWER Gap
Anaylsis
What is the legal precedence - ANSWER Consitution
Public Law
Executive Orders/Presidential Directives
Processing Standards
Agency Regulations
State / Local Laws
Industry Standards
What is the Privacy Act - 1974 four basic policy objectives? - ANSWER Restict disclosure
Increased rights of access to agency records
Grant individuals the rights to seek amendment
Establish a code of fair information practices
What is the purpose of Computer Fraud and Abuse Act (CFAA) - 1986? - ANSWER Intended to reduce
cracking of computer systems and to address Federal computer-related offenses.
Governs case with a compelling Federal interest.
What computer in theory are covered by the CFAA and defined as protected computers? - ANSWER
Exclusively used by a financial institution or the US goverment, or any computer when the conduct
constituting the offense affect the computer use by or for the financial institution or the goverement
Used in or affecting interstate or foreign commerce or communication, including a computer located
outside the US.
What does the Electronic Communications Privacy Act of 1986 (ECPA) restrict, prohibit and permit? -
ANSWER Restict wire taps from telephone call to include transmissions of electronic data by computer
, Prohibit access to store electronic communications
Permits the tracing of telephone communications
What superseded the Computer Security Act of 1987? - ANSWER FISMA of 2002
Why was the the Computer Security Act - 1987 passed? - ANSWER To improved the security and privacy
of sensitive information in Federal systems, and to establish a minimum acceptable security practices for
such systems.
What does the Computer Security Act - 1987 assign, require and mandate. - ANSWER Assigned NIST
formerly know as National Bureau of Standards) to develop standard of minumum acceptable practices
with help of the NSA
Required the establishment of security policies of Federal computer system that contain sensitive
information
Mandated security awareness training for Federal employees that use those systems
What is the USA Patriot Act full title? - ANSWER The USA PATRIOT Act is an Act of Congress that was
signed into law by President George W. Bush on October 26, 2001.[1] With its ten-letter abbreviation
(USA PATRIOT) expanded, the full title is "Uniting and Strengthening America by Providing Appropriate
Tools Required to Intercept and Obstruct Terrorism Act of 2001".
What does E-Goverment Act of 2002 accomplish? - ANSWER Establish a Federal CIO within OMB
Areas of E-Gov:
-Capital planning and investment control for information technology
-Development of enterprise architectures (FEA)
-Information Security (Title III) - aka FISMA
-Access to goverment infomation
, Establish CIO counsel in the Executive Branch
What is FISMA? - ANSWER Title III of E-Gov Act 2002
Requires each federal agency to implement an information security program
Reports annually to OMB on:
-Adequacy of security program
-Adequacy of plans and reports relating to annual budgets
-Significant deficiency
Continuously evolving
What is HITECH? - ANSWER The Health Information Technology for Economic and Clinical Health Act
(HITECH Act) mandates audits of health care providers to investigate and determine if they are in
compliance with the HIPAA Privacy Rule (effective in 2003) and Security Rule (effective in 2005). It's part
of ARRA in 2009.
What is COPPA? - ANSWER The Children's Online Privacy Protection Act (COPPA) is a law created to
protect the privacy of children under 13. The Act was passed by the U.S. Congress in 1998 and took
effect in April 2000. COPPA is managed by the Federal Trade Commission (FTC).
What is the Economic Espionage Act (EEA) 1998 - ANSWER The Economic Espionage Act of 1996 (EEA),
18 U.S.C. §§ 1831-1839, defines the term "economic espionage" as the theft or misappropriation of a
trade secret with the intent or knowledge that the offense will benefit any foreign government, foreign
instrumentality, or foreign agent.
What is the purpose Office of Management and Budget Circular A-11 - ANSWER Preparation, Submission
and Execution of the Budget, June 2008.
What is the purpose Office of Management and Budget Circular A-123 - ANSWER Management's
Responsibility for Enterprise Risk Management and Internal Control (Revised 07/15/2016)
What is the purpose Office of Management and Budget Circular A-127-Revised - ANSWER OMB Circular
A-127 prescribes policies and standards for executive departments and agencies to follow when
managing their financial management systems January 2009
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller shantelleG. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £10.76. You're not tied to anything after your purchase.