RMF Step 3: Implement Flashcards

1
Q

Control implementation

A

include functional description of the control implementation (planned inputs, expected behavior, expected outputs)

2
Q

Input and Output of RMF Step 3: Implement

A

INPUT

  • SSP, with final selection of controls
  • Implementation Guidance
  • Configuration Guidance

OUTPUT

  • Security controls implemented within system
  • All supporting documents
3
Q

Guidances

A

800-53 Recommended controls

800-53A Guide for assessing controls

800-70 Configuration checklists

4
Q

Other guidances - NIST SP 800-34

A

CP

5
Q

Other guidances - NIST SP 800-61

A

IR

6
Q

Other guidances - NIST SP 800-63

A

IA

7
Q

Other guidances - NIST SP 800-16/800-50

A

AT

8
Q

Other guidances - NIST SP 800-40

A

SI-2 Patch mgmt

9
Q

Other guidances - NIST SP 800-41

A

AC-4 & SC-7 Firewall Mgmt

10
Q

Common control and example

A

control that provides capability for multiple systems

e.g. Organization’s Firewall

11
Q

System specific Controls and example

A

controls that provide capability for particular system only

e.g. Host-based IDS

12
Q

Hybrid Controls and example

A

controls that have both system specific and common characteristics

e.g. MS AD Group policies

13
Q

Functional descriptions include

A
  • planned inputs
  • expected behavior
  • expected outputs
14
Q

Level of effort spent in documenting a system should be commensurate with system’s

A

purpose
scope
impact

15
Q

Three types of controls and examples

A

1) technical controls - hw sw fw

2) operational and mgmt - personnel or processes

16
Q

What are security configurations?

A

parameters that can be changed in HW or SW that affect the component’s functionality

17
Q

RMF Task 3-1

A

Implement controls specified in plan

18
Q

RMF Task 3-2

A

Document control implementation in the plan, providing functional description of control implementation (planned inputs, expected behavior, expected outputs)