FITSP-M REGULATIONS QUESTIONS
AND ANSWERS WITH COMPLETE
SOLUTIONS ALREADY PASSED!!!
Question 1
Which NIST Special Publication details Generally Accepted Principles and
Practices for Securing Information Technology Systems (GASSP)?
ANSWER: NIST SP 800-14 ✔✔
Question 2
Which publication provides federal agencies with comprehensive guidelines for
developing System Security Plans (SSPs)?
ANSWER: NIST SP 800-18 ✔✔
Question 3
Which document establishes the foundational engineering principles for IT security
based on Common Criteria?
ANSWER: NIST SP 800-27, Rev. A ✔✔
Question 4
Which authoritative guide outlines the step-by-step methodology for conducting
formal information security risk assessments?
ANSWER: NIST SP 800-30, Rev. 1 ✔✔
Question 5
Which framework serves as the definitive contingency planning and disaster
recovery guide for federal information systems?
ANSWER: NIST SP 800-34 ✔✔
Question 6
Which publication outlines the modernized guidelines for applying the Risk
Management Framework (RMF) to federal information systems?
ANSWER: NIST SP 800-37, Rev. 2 ✔✔
Managing Information Security Risk
F.A.R.M.
Frame, Assess, Respond, Monitor -ANSWER ✔✔NIST SP 800-39
Patch and Vulnerability Management Program -ANSWER ✔✔NIST SP 800-40, rev 3
Firewalls and Firewall Policy -ANSWER ✔✔NIST SP 800-41, rev 1
Guidelines on Email Security -ANSWER ✔✔NIST SP 800-45, rev 2
Guide to Enterprise Telework and Remote Access Security -ANSWER ✔✔NIST SP 800-46, rev 1
Interconnecting IT Systems -ANSWER ✔✔NIST SP 800-47
IT Security Awareness and Training Program -ANSWER ✔✔NIST SP 800-50
Security Controls for Federal IT Systems -ANSWER ✔✔NIST SP 800-53, rev 4