FITSAF stands for Federal Information Technology Security Assessment Framework.
It is a methodology for assessing the security of information systems.
Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?
Click on the arrows to vote for the correct answer
A. B. C. D. E.C.
FITSAF is a framework that provides guidance on how to assess and manage the security of information systems. It is used by Federal agencies in the United States to ensure the security of their IT systems.
The FITSAF methodology consists of five levels, each of which represents a different level of maturity in terms of security assessment and authorization. The levels are as follows:
The question is asking which FITSAF level shows that the procedures and controls are tested and reviewed. The answer is Level 3: Security control testing.
At this level, the security controls are tested to ensure that they are operating effectively and as intended. This includes testing the technical and non-technical controls, such as policies, procedures, and training. The results of these tests are then reviewed to identify any weaknesses or vulnerabilities in the system.
Overall, FITSAF provides a structured approach to security assessment and authorization that helps organizations ensure the confidentiality, integrity, and availability of their information systems.