NSA Triad and Security Assessment Quiz

Questions and Answers

PDF Questions PDF Answers

What is the top-down approach to studying the security posture of an organization called in the NSA's information security training program?

Assessment, Review, and Recommendation

Planning, Evaluation, and Implementation

Security, Feasibility, and Balance

Assessment, Evaluation, and Penetration Testing (correct)

What is the main focus of the first phase in the NSA's security assessment triad?

Initiating evaluation activities

Conducting vulnerability assessments

Reviewing critical assets of the organization (correct)

Developing long-term security plans

What is the purpose of the second phase in the NSA's security assessment triad?

Initiating vulnerability assessments

Conducting evaluation activities (correct)

Studying potential security incidents over the next 3 years

Assessing the feasibility of security programs

What is the balance that feasibility is modeled as in the security program according to the text?

Balance between cost and residual risks

In compliance with the Presidential Decision Directive (PDD)-63, what training program did the NSA develop for public agencies to enhance their security posture?

Information Assurance Training and Ratings Program (IATRP)