← All answer keys
Community QuestionSeen on 6 CBTs

NIST SP 800-53

Community-sourced. Answers may be wrong or out of date. Always verify with your official training portal before submitting. Not affiliated with any branch, agency, or vendor. Details.
Answer

Recommended Security Controls for Federal Information Systems and Organizations. The purpose of this publication is to provide guidelines for selecting and specifying security controls for information systems supporting the executive agencies of the federal government to meet the requirements of FIPS 200, Minimum Security Requirements for Federal Information and Information Systems. The guidelines apply to all components11 of an information system that process, store, or transmit federal information. The guidelines have been developed to help achieve more secure information systems and effective risk management within the federal government by: • Facilitating a more consistent, comparable, and repeatable approach for selecting and specifying security controls for information systems and organizations; • Providing a recommendation for minimum security controls for information systems categorized in accordance with FIPS 199, Standards for Security Categorization of Federal Information and Information Systems; • Providing a stable, yet flexible catalog of security controls for information systems and organizations to meet current organizational protection needs and the demands of future protection needs based on changing requirements and technologies; • Creating a foundation for the development of assessment methods and procedures for determining security control effectiveness; and • Improving communication among organizations by providing a common lexicon that supports discussion of risk management concepts. The guidelines in this special publication are applicable to all federal information systems12 other than those systems designated as national security systems as defined in 44 U.S.C., Section 3542. The guidelines have been broadly developed from a technical perspective to complement similar guidelines for national security systems and may be used for such systems with the approval of appropriate federal officials exercising policy authority over such systems.13 State, local, and tribal governments, as well as private sector organizations are encouraged to consider using these guidelines, as appropriate.

Alternate answers seen on other CBTs

The same question shows up worded slightly differently across CBT versions. Here are the other answer variants we've indexed.

Its primary goal and objective is to ensure that appropriate security requirements and security controls are applied to all U.S. Federal Government information and information management systems.

Cybrary Comptia Security+

The NIST SP 800-xx provides a catalog of controls that support the development of secure and resilient federal information systems. These controls are the operational, technical, and management safeguards used by information systems to maintain the integrity, confidentiality, and security of federal information systems. NIST guidelines adopt a multi-tiered approach to risk management through control compliance. SP 800-xx works alongside SP 800-37, which was developed to provide federal agencies and contractors with guidance on implementing risk management programs. SP 800-xx focuses on the controls which can be used along with the risk management framework outlined in 800-37

Nist 800 45

_________________ provides a security controls catalog and guidance for security control selection.

Rmf Step 2

This question appears on

Cybrary Comptia Security+Identifies Federal Information Security ControlsNist 800 45Nist 800 54Nist 800 83Rmf Step 2