FITSP-MANAGER Exam Questions and Answers Graded A+
This legislation requires Federal agencies to develop, document and implement an
agency-wide information security program - Correct answer-Clinger-Cohen
What are the six steps of the RMF? - Correct answer-Categorize
Select
Implement
Assess
Authorize
Monitor
What is the term used to evaluate operational information systems against the
RMF, to determine the security controls in place and the requirements to mitigate
risk at an acceptable level? - Correct answer-Gap Analysis
What is the legal precedence? - Correct answer-Constitution
Public Law
©COPYRIGHT 2025, ALL RIGHTS RESERVED 1
Executive Orders/Presidential Directives
Processing Standards
Agency Regulations
State / Local Laws
Industry Standards
What are the four basic policy objectives of the Privacy Act - 1974? - Correct answer-
Restrict disclosure
Increased rights of access to agency records
Grant individuals the rights to seek amendment
Establish a code of fair information practices
What is the purpose of the Computer Fraud and Abuse Act (CFAA) - 1986? - Correct
answer-Intended to reduce cracking of computer systems and to address Federal
computer-related offenses.
Governs cases with a compelling Federal interest.
What computers in theory are covered by the CFAA and defined as protected
computers? - Correct answer-Exclusively used by a financial institution or the US
government, or any computer when the conduct constituting the offense affects the
computer's use by or for the financial institution or the government
Used in or affecting interstate or foreign commerce or communication, including a
computer located outside the US.
What does the Electronic Communications Privacy Act of 1986 (ECPA) restrict,
prohibit and permit? - Correct answer-Restrict wiretaps from telephone calls to
include transmissions of electronic data by computer
Prohibit access to stored electronic communications
Permits the tracing of telephone communications
What superseded the Computer Security Act of 1987? - Correct answer-FISMA of
2002
Why was the Computer Security Act - 1987 passed? - Correct answer-To
improve the security and privacy of sensitive information in Federal systems, and
to establish minimum acceptable security practices for such systems.
What does the Computer Security Act - 1987 assign, require and mandate? -
Correct answer-Assigned NIST (formerly known as National Bureau of Standards) to
develop standards of minimum acceptable practices with help of the NSA
Required the establishment of security policies for Federal computer systems that
contain sensitive information
Mandated security awareness training for Federal employees that use those
systems
What's another name for the Information Technology Management Reform Act -
1996? - Correct answer-Clinger-Cohen Act
What did the Clinger-Cohen Act do? - Correct answer-Implemented the Capital
Planning Investment Control (CPIC) IT budget planning process
Granted OMB authority to oversee the acquisition, use, and disposal of IT by the
Federal Government
Established CIO positions in every department and agency in the Federal
Government
Established the CIO council with 28 major agencies and OMB