Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answer represents a part of the solution.
Choose all that apply.
Click on the arrows to vote for the correct answer
A. B. C. D.reaccredited every three years.
Answer: A is incorrect.
The National Institute of Standards and Technology (NIST), known between 1901 and 1988 as the National.
FISMA and Office of Management and Budget (OMB) require all general support systems and major applications to be fully certified and accredited before they are put into production.
General support systems and major applications are also referred to as information systems and are required to be Bureau of Standards (NBS), is a measurement standards laboratory which is a non-regulatory agency of the United States Department of Commerce.
The institute's official mission is to promote U.S.
innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that standards developed by the United States federal government for use by all non-military government agencies and by government contractors.
Many FIPS standards are modified versions of standards used in the wider community (ANSI, IEEE, ISO, etc.)
Some FIPS standards were originally developed by the U.S.
government.
For instance, standards for encoding data (e.g., country codes), but more significantly some encryption standards, such as the Data Encryption Standard (FIPS 46-3) and the Advanced Encryption Standard (FIPS 197)
In 1994, NOAA (Noaa) began broadcasting coded signals called FIPS (Federal Information Processing System) codes along with their standard weather broadcasts from local stations.
These codes identify the type of emergency and the specific geographic area (such as a county) affected by the emergency.
The correct answer is D. FISMA (Federal Information Security Management Act).
FISMA is a federal law that requires federal agencies to develop, document, and implement an information security program to protect their information and information systems. FISMA requires agencies to establish an information security framework that includes risk management, security categorization, security controls, and security assessments and authorization.
One of the key requirements of FISMA is that all general support systems and major applications must be fully certified and accredited before they are put into production. Certification and accreditation (C&A) is a process that ensures that an information system meets the security requirements and is authorized to operate. The C&A process includes security testing, risk assessment, and a formal authorization decision.
A. NIST (National Institute of Standards and Technology) is a non-regulatory agency of the U.S. Department of Commerce that provides standards, guidelines, and best practices to improve cybersecurity. While NIST provides guidance on how to implement security controls and assess security risks, it does not require certification and accreditation of general support systems and major applications.
B. Office of Management and Budget (OMB) is an agency within the Executive Office of the President that oversees the implementation of policies and management practices across federal agencies. While OMB provides guidance on how to manage information technology resources, it does not require certification and accreditation of general support systems and major applications.
C. FIPS (Federal Information Processing Standards) are a set of standards that specify requirements for information processing systems used by the federal government. While FIPS provides guidance on how to implement security controls and assess security risks, it does not require certification and accreditation of general support systems and major applications.
In summary, the correct answer is D. FISMA requires all general support systems and major applications to be fully certified and accredited before they are put into production.