Name That Control!
Specifies group and role membership
What is AC-2.D
What are the four phases of an Assessment
What is Prepare>Develop Plans>Conduct the Assessment>Analyze Assessment?
We conduct this testing in case we have a disruption
What is Contingency Planning Testing?
Baseline configurations for systems and system components include connectivity, operational, and communications aspects of systems.
What is CM-2
What is Examine, Interview, Test?
What is a Policy Control?
This chapter describes the process of assessing the security and privacy controls in organizational systems and environments of operation.
What is the Process
a secondary measure that is put in place when a primary control is not able to fully address a risk.
What is a compensating control
Policies, procedures, plans, specifications, designs, records, administrator/operator manuals, system documentation, information exchange agreements, previous assessment results
What are artifacts?
Protects the confidentiality and integrity of transmitted information for internal and external networks
What is SC-8
ATO Documents
SSP, SAR, POA&Ms