Fitsp a module Study guides, Class notes & Summaries

FITSP-A Module 1 Laws and Regs Exam Questions and Answers Clinger-Cohen Act - Answer ️️ -The following legislation requires federal agencies to establish capital planning and investment control policies and procedures when procuring information technology: Clinger-Cohen Act - Answer ️️ -The following legislation requires federal agencies to appoint a Chief Information Officer: Federal Information Security Modernization Act of 2014 (FISMA) - Answer ️️ -The following legislatio...

1. Name the reporting tool, which automates Agency FISMA reporting directly to the DHS. a) FISMA b) DHS Reporting Metrics c) Cyberscope d) Cyberstat - ANSWER Correct answer: c) CyberScope. In OMB M-10-15, CyberScope was designated as the reporting tool for FISMA reporting. Incorrect answers: a) FISMA requires the reports; b) DHS Reporting Metrics indicate what must be reported; d) CyberStat refers to OMB's reviews 2. Which family of security controls is considered Tier 2? a) A...

FITSP-A Module 1 Laws and Regs Exam

FITSP-A Module 4 Correctly answered 2023 updated to pass 1. List the 3 security objectives under FISMA. a) Confidentiality, Integrity, Authentication b) Confidentiality, Integrity, Availability c) Containment, Integrity, Availability d) Confidentiality, Impact, Availability - correct answer Correct answer: b) Confidentiality, Integrity, Availability FISMA 2002, Section 3542 states: "The term 'information security' means protecting information and information systems from unauthorized a...

1. What is defined as a simulation of an emergency designed to validate the viability of one or more aspects of an ISCP? a) ISCP Test b) ISCP Exercise c) ISCP Training d) ISCP Drill - ANSWER Correct answer: b) ISCP Exercise NIST SP 800-34rl, Paragraph 3.5.3 states: "An exercise is a simulation of an emergency designed to validate the viability of one or more aspects of an ISCP." Incorrect answers: a) ISCP Testing takes many forms, but is not necessarily scenario-based; c) ISCP Trai...

1. The implementation of a continuous monitoring program results in ongoing updates to all of the following documents, EXCEPT: a) Security Plan b) Security Assessment Plan c) Security Assessment Report d) Plan of Action & Milestones - ANSWER Correct answer: b) Security Assessment Plan NIST SP 800-137, Chapter 1 states: "Frequent updates to security plans, security assessment reports, plans of action and milestones, hardware and software inventories, and other system information are als...

FITSP-A Module 1 Laws and Regs Exam Questions and Answers Clinger-Cohen Act - Answer ️️ -The following legislation requires federal agencies to establish capital planning and investment control policies and procedures when procuring information technology: Clinger-Cohen Act - Answer ️️ -The following legislation requires federal agencies to appoint a Chief Information Officer: Federal Information Security Modernization Act of 2014 (FISMA) - Answer ️️ -The following legislatio...

FITSP-A Module 9 question and answers rated A+ 2023 Passed1. All of the following are considered remote access, EXCEPT: a) Dial-up b) Broadband c) VPN d) Wireless - correct answer Correct answer: c) VPN NIST SP 800-53r4, Control AC-17, Supplemental Guidance states: "Remote access methods include, for example, dial-up, broadband, and wireless. Organizations often employ encrypted virtual private networks (VPNs) to enhance confidentiality and integrity over remote connections." Incor...

FITSP Manager-Part 2 Exam Questions and Answers HIDS/HIPS - Answer ️️ -- Host-Based, - monitors the characteristics of a single host and the events occurring within that host for suspicious activity and most commonly deployed on critical hosts such as publicly accessible servers and servers containing sensitive information - network traffic (only for that host), system logs, running processes, application activity, file access and modification, and system and application configuration ...

FITSP-A Module 1 Laws and Regs