True or false the rmf - Study guides, Class notes & Summaries

CLE 074 Exam Study Guide with Complete Solutions The key governance in Tier 3 of the risk management hierarchy is the Authorizing Official; in Tier 2, the Principal Authorizing Official; in Tier 1, the DoD Chief Information Officer - Answer---> True False The Security Plan is initiated at Step One of the RMF process and used in all subsequent steps EXCEPT: - Answer--->Step Four, Assess Security Controls Step Two, Select Security Controls Step Six, Monitor Security Controls, Step ...

___________________________ is a part of the U.S. Department of Commerce, and it includes an Information Technology Laboratory (ITL). - Answer- NIST National Institute of Standards and Technology. What does TIC stand for? - Answer- Trusted Internet Connection What does USA Patriot Act stand for? - Answer- United & Strengthening America by providing appropriate tools required to intercept and obstruct terrorism What does FISMA stand for? - Answer- Federal Information Security Management ...

The key governance in Tier 3 of the risk management hierarchy is the Authorizing Official; in Tier 2, the Principal Authorizing Official; in Tier 1, the DoD Chief Information Officer → --> True False The Security Plan is initiated at Step One of the RMF process and used in all subsequent steps EXCEPT: → -->Step Four, Assess Security Controls Step Two, Select Security Controls Step Six, Monitor Security Controls, Step Five, Authorize Security Controls Step Three, Implement S...

CAP Test FedVTE The authorization decision document conveys the final security authorization decision from the authorizing official to the information system owner. The authorization decision document contains all of the following information except? A. Authorization decision B. Terms and conditions for the authorization C. Approving revisions to the SSAA D. Authorization termination date - C. Approving revisions to the SSAA Security categorization of an National Security ...

FedVTE CAP Exam 50 Questions with Verified Answers Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers? A. Employees B. Hackers C. Visitors D. Customers - CORRECT ANSWER A. Employees FISMA charges which one of the following agencies with the responsibility of overseeing the security policies and practices of all agencies of the executive branch of the Federal government? A. Office of Management an...

According to "The Common Sense Guide to Mitigating Insider Threats," which item is NOT a best practice to protect against the insider threat? (Identify countermeasures used to combat cyber threats) Make sure that only one person has access to critical passwords and certain classified information. Among the more complex technical areas comprising the Joint Information Environment implementation strategy is Data Center Consolidation. What is the purpose of such consolidation? (Identify t...

1. Name the reporting tool, which automates Agency FISMA reporting directly to the DHS. a) FISMA b) DHS Reporting Metrics c) Cyberscope d) Cyberstat - Answer- Correct answer: c) CyberScope. In OMB M-10-15, CyberScope was designated as the reporting tool for FISMA reporting. Incorrect answers: a) FISMA requires the reports; b) DHS Reporting Metrics indicate what must be reported; d) CyberStat refers to OMB's reviews 2. Which family of security controls is considered Tier 2? a) ...

Palo Alto (1-6) Test questions and answers_ 2021/2022. Which built-in administrator role allows all rights except for the creation of administrative accounts and virtual systems? a. superuser b. custom role c. deviceadmin d. vsysadmin Which Next Generation VM Series Model requires a minimum of 16 GB of memory and 60 GB of dedicated disk drive capacity? Select one: a. VM-700 b. VM-500 c. VM-100 d. VM-50 On the Next Generation firewall, a commit lock blocks other administrator...

C A security program alerts you of a failed logon attempt to a secure system. On investigation, you learn the system's normal user accidentally had caps lock turned on. What kind of alert was it? A. True positive B. True negative C. False positive D. False negative A Your security policy calls for the company's financial data archive to have its confidentiality, integrity, availability, and accountability protected. Presently it's stored on two redundant servers protected by st...

1. List the 3 security objectives under FISMA. a) Confidentiality, Integrity, Authentication b) Confidentiality, Integrity, Availability c) Containment, Integrity, Availability d) Confidentiality, Impact, Availability - Answer- Correct answer: b) Confidentiality, Integrity, Availability FISMA 2002, Section 3542 states: "The term 'information security' means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction...