RMF - DAAG
This is the first RMF step where a system is formally defined, including security capabilities and authorization boundaries.
What is “Categorize the System”?
This control requires organizations to enforce the principle that users should only have the minimum access necessary to perform their job.
What is AC-6 (Least Privilege)?
This 2004 comedy brought us fetch, Burn Books, and “On Wednesdays, we wear pink.”
What is “Mean Girls”?
This 1994 low-budget film by Kevin Smith was shot entirely at the convenience store where he actually worked.
What is “Clerks”?
This Argentine forward, who spent most of his career with Barcelona, has won multiple Ballon d’Or awards and is considered one of the greatest soccer players ever.
Who is Lionel Messi?
According to DCSA guidance, this document identifies all hardware, software, firmware, and external services supporting an information system.
What is the System Security Plan (SSP)?
This control mandates generating and retaining logs that support after-the-fact investigations of incidents.
What is AU-2 (Audit Events)?
This 2017 psychological horror film written by Jordan Peele introduced the now-famous “Sunken Place.”
What is “Get Out”?
This 1999 animated comedy was marketed as a kids' film but sparked controversy with satirical religious themes.
What is “South Park: Bigger, Longer & Uncut”?
This player broke the MLB career home run record in 2007 with his 756th home run.
Who is Barry Bonds?
These three impact areas—defined in FIPS 199—drive a system’s security categorization.
What are confidentiality, integrity, and availability?
This control requires organizations to identify, report, and correct system flaws, such as applying security patches.
What is SI-2 (Flaw Remediation)?
This 2010 mind-bending Christopher Nolan film dives into dreams within dreams.
What is “Inception”?
The famous line “You know, I’m something of a scientist myself” became a meme decades later, but this actor delivered it in a 1996 mockumentary-style comedy.
What is “The Cable Guy”
Selected first overall in the 2004 NFL Draft by the San Diego Chargers, he went on to set numerous passing records and played until 2019.
Who is Eli Manning?
This individual ultimately signs the Authorization to Operate (ATO) decision for systems under DCSA oversight.
Who is the Authorizing Official (AO)?
This control requires establishing and maintaining baseline configurations for information systems.
What is CM-2 (Baseline Configuration)?
This 1998 Coen Brothers film, which flopped at the box office, spawned a real-world religion called “Dudeism.”
What is “The Big Lebowski”?
This 1990 film held the record for highest-grossing live-action comedy for more than 20 years.
What is “Home Alone”?
This Swiss player has won 20 Grand Slam singles titles, including eight Wimbledon championships.
Who is Roger Federer?
Under DCSA policy, this person is responsible for ensuring day-to-day compliance with RMF and maintaining system security documentation.
Who is the Information System Security Manager (ISSM)?
This control requires organizations to develop procedures for detecting, reporting, and responding to cybersecurity events.
What is IR-4 (Incident Handling)?
This 1992 debut film by Quentin Tarantino was shot almost entirely in a warehouse due to budget limitations.
What is “Reservoir Dogs”?
Though often cited as a simple slapstick comedy, this 1990 Farrelly brothers’ film was inspired by a real-life court case involving a misdiagnosed medical condition.
What is “Dumb and Dumber”?
This “Iron Man” holds the MLB record for most consecutive games played at 2,632.
Who is Cal Ripken Jr.?