Computer science 21/232 FINAL EXAM [100% PASS]
What is included in the Plan of Action and Milestones (POA&M) that is presented to the Authorizing Official (AO) as part of the initial authorization package?
*Ans* Deficiencies that have not yet been remediated and verified throughout the Risk Management Framework (RMF) process

What are the steps of risk assessment?
*Ans* Prepare, conduct, communicate, maintain

Which of the following cannot be delegated by the Authorizing Official (AO)?
*Ans* Authorization decision

Configuring an information system (IS) to prohibit the use of unused ports and protocols
*Ans* Helps provide least functionality

The authorization boundary of a system undergoing assessment includes
*Ans* The information system (IS) components to be authorized for operation

Which of the following BEST describes a government-wide standard for Assessment and Authorization (A&A) and continuous monitoring for cloud products, which is mandatory for federal agencies and Cloud Service Providers (CSP)?
*Ans* Federal Risk and Authorization Management Program (FedRAMP)

All federal agencies are required by law to
*Ans* Protect information systems (IS) used or operated by a contractor of an agency or other organization on behalf of an agency

What is the primary goal of an Information Security Continuous Monitoring (ISCM) strategy?
*Ans* Support organization risk management decisions

An organization is developing a risk assessment for a newly installed information system (IS) to determine the best configuration for a supporting information technology (IT) product. Which of the following specific factors is often overlooked in this analysis?
*Ans* Effectiveness of inherited security controls

If an assessment of a common control determines that it is not effective, what documentation is required?
*Ans* Plan of Action and Milestones (POA&M)

As part of an annual Federal Information Security Management Act (FISMA) compliance audit, an Inspector General security program review has identified vulnerabilities to an information system (IS) in an operational division. Which of the following activities is the MOST likely to occur?
*Ans* Update the Plan of Action and Milestones (POA&M)

Which of the following documents provides a functional description of the information system (IS) control implementation?
*Ans* Risk assessment report
Written for
- Institution
- Graduation in computer science
- Course
- Graduation in computer science
Document information
- Uploaded on
- April 6, 2024
- Number of pages
- 18
- Written in
- 2023/2024
- Type
- Exam (elaborations)
- Contains
- Questions & answers