FITSP-MANAGER EXAM 2025 QUESTIONS
WITH ANSWERS.
takes streams of data and reduces it to fixed size through
a one-way mathematical function. - correct answer - Secure hash function
What does digital signature provide? - correct answer -Non- repudiation
(authentication + integrity)
What are PKI components - correct answer -Certificate Authority (CA)
Registration Authority (RA)
Respository - database of active digital cert for a CA
Archive - database of info to be used in settling future disputes
Public key certificate
Certificate Revocation Lists
Pki users
What are key establisment - correct answer -rsa
Diffie-Hellman
Fortezza-kea - key agreement algorithm used by Fortezza card supported by
DOD
,What symmetric encryption algorithms provide confidentiality? - correct
answer -IDEA
RC4
3DES-EDE
AES
What Signature and Hashes? - correct answer -RSA - signature DSA -
signature
MD5 - hash
SHA1 - hash
In what security mode are Bluetooth devices considered promiscuous? -
correct answer -Security Mode 1 is non-secure
NIST Interagency or Internal Reports (nistirs) describe research of a technical
nature of interes to specialized audience. True or False - correct answer -True
What are some NIST Interagency Reports? - correct answer -IR 7581 - System
and Network Security Acronyms and Abbreviatons
What does NIST IR 7564 provied? - correct answer -This report discusses
security metrics.
Metrics are categorize as
,Strategic Support
Quality Assurance
Tactical Oversight
What is the annual NIST Intergency Report? - correct answer -IR 7816 -2011
Computer Security Division Report. This report published by NIST CSD
outlines the units accomplishments during fy 2011
What does NIST IR 7359 Information Security Guide for Gov Executives? -
correct answer -Provides an overview of info security program concept to
assist senior leadership in understanding how to oversee and support the
development and implementation of security program
What does IR 7536 cover? - correct answer -- last year various divisions
- biometrics validation and implementation of under FIPS-201 and HSPD-12
-highlights FISMA implementation projects and associated SP Crypto
Module Validation Program
Crypto Algorithm Validation Program
This provide federal agencies in US, Canada and United Kingdom with
confidence that a validated cryptographic module meets a claimed level of
security assurance.
What does IR 7358 - Program Review for Information Security Management
Assistance (PRISMA) provides? - correct answer - Utilizes a standardized
approach for review and measurement of an information security program.
, What does PRISM Topic Areas of Coverage provide? - correct answer -The
first 8 topic areas focus on the strategic aspect of info security program
management. The review identifies the level of maturity of the info sec
program and the agency's ability to comply with existing requirement in the 8
areas.
What does IR 7316 Assessment of Access Control System provide? - correct
answer -This report provides an overview and detailed information access
controls. It discusses the capablilities, limitations, and qualities of access
control mechnisms embedded for each access control.
What does IR 7298 - Glossary of Key Information Security Terms? - correct
answer -It includes most of the term in the NIST publications, FIPS, NISTIR
and CNSSI-4009.
What does IR 7206 - Smart Cards and Mobile devices Authentication: An
Overview and Implementation - correct answer
-This report provides and overview of two novel types of smart card that use
standard interfaces supported by handheld devices, instead of those interfaces
favored by most smart card readers
This legislation requires Federal agencies to develop document and
implement an agency wide information security program - correct answer -
Clinger-Cohen
WITH ANSWERS.
takes streams of data and reduces it to fixed size through
a one-way mathematical function. - correct answer - Secure hash function
What does digital signature provide? - correct answer -Non- repudiation
(authentication + integrity)
What are PKI components - correct answer -Certificate Authority (CA)
Registration Authority (RA)
Respository - database of active digital cert for a CA
Archive - database of info to be used in settling future disputes
Public key certificate
Certificate Revocation Lists
Pki users
What are key establisment - correct answer -rsa
Diffie-Hellman
Fortezza-kea - key agreement algorithm used by Fortezza card supported by
DOD
,What symmetric encryption algorithms provide confidentiality? - correct
answer -IDEA
RC4
3DES-EDE
AES
What Signature and Hashes? - correct answer -RSA - signature DSA -
signature
MD5 - hash
SHA1 - hash
In what security mode are Bluetooth devices considered promiscuous? -
correct answer -Security Mode 1 is non-secure
NIST Interagency or Internal Reports (nistirs) describe research of a technical
nature of interes to specialized audience. True or False - correct answer -True
What are some NIST Interagency Reports? - correct answer -IR 7581 - System
and Network Security Acronyms and Abbreviatons
What does NIST IR 7564 provied? - correct answer -This report discusses
security metrics.
Metrics are categorize as
,Strategic Support
Quality Assurance
Tactical Oversight
What is the annual NIST Intergency Report? - correct answer -IR 7816 -2011
Computer Security Division Report. This report published by NIST CSD
outlines the units accomplishments during fy 2011
What does NIST IR 7359 Information Security Guide for Gov Executives? -
correct answer -Provides an overview of info security program concept to
assist senior leadership in understanding how to oversee and support the
development and implementation of security program
What does IR 7536 cover? - correct answer -- last year various divisions
- biometrics validation and implementation of under FIPS-201 and HSPD-12
-highlights FISMA implementation projects and associated SP Crypto
Module Validation Program
Crypto Algorithm Validation Program
This provide federal agencies in US, Canada and United Kingdom with
confidence that a validated cryptographic module meets a claimed level of
security assurance.
What does IR 7358 - Program Review for Information Security Management
Assistance (PRISMA) provides? - correct answer - Utilizes a standardized
approach for review and measurement of an information security program.
, What does PRISM Topic Areas of Coverage provide? - correct answer -The
first 8 topic areas focus on the strategic aspect of info security program
management. The review identifies the level of maturity of the info sec
program and the agency's ability to comply with existing requirement in the 8
areas.
What does IR 7316 Assessment of Access Control System provide? - correct
answer -This report provides an overview and detailed information access
controls. It discusses the capablilities, limitations, and qualities of access
control mechnisms embedded for each access control.
What does IR 7298 - Glossary of Key Information Security Terms? - correct
answer -It includes most of the term in the NIST publications, FIPS, NISTIR
and CNSSI-4009.
What does IR 7206 - Smart Cards and Mobile devices Authentication: An
Overview and Implementation - correct answer
-This report provides and overview of two novel types of smart card that use
standard interfaces supported by handheld devices, instead of those interfaces
favored by most smart card readers
This legislation requires Federal agencies to develop document and
implement an agency wide information security program - correct answer -
Clinger-Cohen
