Statements of security capability to: (i) build in additional, but related, functionality to a security control; and/or (ii) increase the strength of the control.
Response:

• A.Security Control Enhancements
• B.System-Specific Security Control
• C.Security Control Inheritance
• D.Tailored Security Control Baseline

Comment: *

Name: *

Email: *

Verification: *

Which NIST Special publication provides guidance on security assessment reports? Response:

• A.NIST SP 800-37
• B.NIST SP 800-53A
• C.NIST SP 800-53
• D.NIST SP 800-18

Comment: *

Name: *

Email: *

Verification: *

The RMF Step and task where the System Security Plan is initially approved by the AO or AODR.
Response:

• A.RMF Step 2, Task 4
• B.RMF Step 2, Task 3
• C.RMF Step 2, Task 1
• D.RMF Step 2, Task 2

Comment: *

Name: *

Email: *

Verification: *

The objective of status reporting & documentation is to ensure the Information System Owner updates the ____________ __________ and the POAM and that the security status is reported to the AO.
Response:

• A.Contingency Plan
• B.Security Plan
• C.Assessment Plan
• D.Remediation plan

Comment: *

Name: *

Email: *

Verification: *

A citizen of the United States or an alien lawfully admitted for permanent residence. Agencies may, consistent with individual practice, choose to extend the protections of the Privacy Act and E
- Government Act to businesses, sole proprietors, aliens, etc.
Response:

• A.Individual
• B.Mixed
• C.Private
• D.Combined

Comment: *

Name: *

Email: *

Verification: *