Security Control Baseline is defined as which of the following?

Prepare for the FISMA Interview Test. Get familiar with key topics and enhance your knowledge with flashcards and multiple-choice questions. Study effectively and be ready for your exam!

Multiple Choice

Security Control Baseline is defined as which of the following?

Explanation:
The main idea is that a security control baseline defines the minimum set of security controls that must be in place for information and systems, tailored to how much impact a loss or breach would have (low, moderate, or high). This creates a consistent starting point for security across different systems and ensures everyone meets a common minimum standard.

This isn’t about a single practice like encryption, an incident response guide, or a data backup policy. Those are important components, but they’re specific procedures or topics. The baseline, by contrast, covers a broad set of controls across areas such as access control, auditing, configuration management, contingency planning, and more, and it scales by the information’s impact level.
