Fitsp a - Study guides, Class notes & Summaries

FITSP-MANAGER EXAM QUESTIONS AND ANSWERS this legislation requires Federal agencies to develop document and implement an agency wide information security program - Answer ️️ -Clinger-Cohen What are the six steps of the RMF - Answer ️️ -Categorize Select Implement Assess Authorize Monitor What is the term used to evaluate operational information systems against the RMF, to determine the security controls in place and the requirements to mitigate risk at a acceptable level? - An...

FITSP - Auditor Questions and answers rated + already passed 2023The following legislation requires federal agencies to establish capital planning and investment control policies and procedures when procuring information technology: a) E-Government Act of 2002 b) Federal Information Security Management Act (FISMA) c) Government Information Security Reform Act (GISRA) d) Clinger-Cohen Act - correct answer Clinger-Cohen Act The following legislation requires federal agencies to appoint a Ch...

. What elements are components of an information system? a) Hardware and software b) Interconnected systems c) People d) All of the above - ANSWER Correct answer: d) All of the above OMB Circular A-130, App ill: "A system normally includes hardware, software, information, data, applications, communications, and people.' Incorrect answers: The individual choices alone do not constitute a system. Information systems must be considered in a holistic manner. 2. What are some of the threa...

1. What is defined as a simulation of an emergency designed to validate the viability of one or more aspects of an ISCP? a) ISCP Test b) ISCP Exercise c) ISCP Training d) ISCP Drill - ANSWER Correct answer: b) ISCP Exercise NIST SP 800-34rl, Paragraph 3.5.3 states: "An exercise is a simulation of an emergency designed to validate the viability of one or more aspects of an ISCP." Incorrect answers: a) ISCP Testing takes many forms, but is not necessarily scenario-based; c) ISCP Trai...

1. Name the reporting tool, which automates Agency FISMA reporting directly to the DHS. a) FISMA b) DHS Reporting Metrics c) Cyberscope d) Cyberstat - ANSWER Correct answer: c) CyberScope. In OMB M-10-15, CyberScope was designated as the reporting tool for FISMA reporting. Incorrect answers: a) FISMA requires the reports; b) DHS Reporting Metrics indicate what must be reported; d) CyberStat refers to OMB's reviews 2. Which family of security controls is considered Tier 2? a) A...

1. The implementation of a continuous monitoring program results in ongoing updates to all of the following documents, EXCEPT: a) Security Plan b) Security Assessment Plan c) Security Assessment Report d) Plan of Action & Milestones - ANSWER Correct answer: b) Security Assessment Plan NIST SP 800-137, Chapter 1 states: "Frequent updates to security plans, security assessment reports, plans of action and milestones, hardware and software inventories, and other system information are als...

FITSP-A Exam Questions and Answers

FITSP-A Question and answers 2023/2024 verified to passWhat elements are components of an information system? - correct answer OMB Circular A-130, App III: "A system normally includes hardware, software, information, data, applications, communications, and people." What are some of the threats that the information system faces? - correct answer NIST SP 800-39rl, p. 1: "Threats to information and information systems can include purposeful attacks, environmental disruptions, and human/machin...

FITSP-A Module 9 Exam Questions and Answers