Baselines are based upon the IMPACT level as defined in FIPS 199, selected via CNSSI-1253 or FIPS 200, and now implemented through catalog of controls found in SP 800-53. Baselines are based upon the IMPACT level defined in which standard?

Enhance your preparation for the Federal IT Security Professional Test. Use quizzes, flashcards, and detailed explanations to ensure success. Stay ahead in the field of IT Security!

Multiple Choice

Baselines are based upon the IMPACT level as defined in FIPS 199, selected via CNSSI-1253 or FIPS 200, and now implemented through catalog of controls found in SP 800-53. Baselines are based upon the IMPACT level defined in which standard?

Explanation:
IMPACT levels define how severe the consequences would be if information is compromised, and FIPS 199 is where those levels are specified. It lays out the Low, Moderate, and High impact categories across confidentiality, integrity, and availability, providing the standard by which information and systems are categorized. CNSSI-1253 uses those definitions (and, where appropriate, maps to FIPS 200 for security requirements), FIPS 200 sets the minimum controls tied to those levels, and SP 800-53 supplies the actual control catalog. But the essential source for the IMPACT level itself is FIPS 199.

IMPACT levels define how severe the consequences would be if information is compromised, and FIPS 199 is where those levels are specified. It lays out the Low, Moderate, and High impact categories across confidentiality, integrity, and availability, providing the standard by which information and systems are categorized. CNSSI-1253 uses those definitions (and, where appropriate, maps to FIPS 200 for security requirements), FIPS 200 sets the minimum controls tied to those levels, and SP 800-53 supplies the actual control catalog. But the essential source for the IMPACT level itself is FIPS 199.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy