17.In security management, which of the following is issued by a management official and serves as a means of assuring that systems are of adequate quality?
PTS:1REF:26818.Which of the following is Tier 3 (indicating tactical risk) of the tiered risk management approach?
PTS:1REF:27019.According to NIST SP 800-37, which of the following is the first step in the security controls selection process?a.categorize the information system and the information processedb.select an initial set of baseline security controlsc.assess the security controls using appropriate assessment proceduresd.authorize information system operation based on risk determinationANS: A
PTS:1REF:27020.The Authorize step of the NIST six-step approach to the risk management framework involves all but which of the following tasks?
PTS:1REF:273COMPLETION1.Best security practices balance the need for user _____________ to information with the need for adequate protection while simultaneously demonstrating fiscal responsibility.