And Correct Answer with Rationale (100% verified answer) Q & A 2026 / Instant download PDF
1. What is the main purpose of NIST SP 800-53?
A. Software development
B. Security and privacy controls
C. Network routing
D. Cloud pricing
Answer: B
It defines security and privacy controls for federal information systems.
2. Which framework guides risk management in NIST?
A. COBIT
B. RMF
C. ITIL
D. ISO 9000
Answer: B
RMF provides a structured process for managing cybersecurity risk.
3. What does the CIA triad stand for?
A. Control, Integrity, Access
B. Confidentiality, Integrity, Availability
C. Cyber, Information, Audit
D. Compliance, Inspection, Analysis
Answer: B
It represents core security principles.
4. First step in NIST RMF?
A. Monitor
B. Authorize
C. Categorize
D. Implement
Answer: C
Systems are categorized based on impact level.
5. Who is responsible for authorizing a system?
A. ISSO
B. Authorizing Official
C. User
D. Auditor
Answer: B
The AO approves system operation.
6. What does FISMA stand for?
A. Federal Information Security Management Act
B. Federal Internet Security Model Act
C. File Information Security Monitoring Act
D. Federal Integration System Management Act
Answer: A
It governs federal cybersecurity requirements.
7. Which NIST publication defines RMF steps?
A. 800-30
B. 800-37
C. 800-61
D. 800-171
Answer: B
SP 800-37 outlines the RMF lifecycle.
8. What is continuous monitoring?
A. One-time audit
B. Ongoing security assessment
C. Password reset
D. Firewall installation
Answer: B
It ensures ongoing risk awareness.
9. What is a security control?
A. Software update
B. Safeguard or countermeasure
C. Network cable
D. Database field
Answer: B
Controls reduce risk exposure.
10. What does NIST stand for?
A. National Internet Security Team
B. National Institute of Standards and Technology
C. Network Infrastructure Security Tool
D. New Information Security Technique