Which statement best describes the purpose of NIST SP 800-18?

Prepare for the FISMA Interview Test. Get familiar with key topics and enhance your knowledge with flashcards and multiple-choice questions. Study effectively and be ready for your exam!

Multiple Choice

Which statement best describes the purpose of NIST SP 800-18?

Explanation:
NIST SP 800-18 is about creating the security plan for a federal information system. This guide shows how to document what security controls are in place, how they’re implemented, and how they meet the system’s requirements. It also covers roles and responsibilities, ongoing management, and how the plan will be assessed and maintained over time, so an authorizing official can make a risk-based decision about the system. The other options point to different NIST guides: one focuses on the broader certification and accreditation process, another on contingency planning, and another on mapping information to security categories. In short, the best description is that this publication guides developing the formal security plan for federal information systems.
