Which of the following memorandums reminds the Federal agencies that it is required by law and
policy to establish clear privacy policies for Web activities and to comply with those policies

Lisa is the project manager of the SQL project for her company. She has completed the risk
response planning with her project team and is now ready to update the risk register to reflect the
risk response. Which of the following statements best describes the level of detail Lisa should
include with the risk responses she has created

You work as a security manager for BlueWell Inc. You are going through the NIST SP 800-37 C&A
methodology, which is based on four well defined phases. In which of the following phases of
NIST SP 800-37 C&A methodology does the security categorization occur

You work as a systems engineer for BlueWell Inc. You are working on translating system
requirements into detailed function criteria. Which of the following diagrams will help you to show
all of the function requirements and their groupings in one diagram

Which of the following phases of DITSCAP includes the activities that are necessary for the
continuing operation of an accredited IT system in its computing environment and for addressing
the changing threats that a system faces throughout its life cycle

Which of the following Security Control Assessment Tasks evaluates the operational, technical,
and the management security controls of the information system using the techniques and
measures selected or developed

The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully
integrated system for certification testing and accreditation. What are the process activities of this
phase Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Administrator for PassGuide Inc. You need to secure web services of your
company in order to have secure transactions. Which of the following will you recommend for
providing security

Which of the following processes illustrate the study of a technical nature of interest to focused
audience, and consist of interim or final reports on work made by NIST for external sponsors,
including government and non-government sponsors

Fill in the blank with an appropriate phrase. __________ seeks to improve the quality of process
outputs by identifying and removing the causes of defects and variability in manufacturing and
business processes.