Special Publication 800-30 Risk Management Guide Quiz

Questions and Answers

What are the responsibilities of ITL as mentioned in the text?

• Development of technical and physical standards for federal computer systems (correct)
• Development of guidelines for academic research
• Research and development of new computer security technologies
• Outreach efforts in computer security with industry, government, and academic organizations

What does the Special Publication 800-series reports on?

• Collaborative activities with international organizations
• Technical standards for computer hardware
• ITL’s research and guidance in computer security (correct)
• Federal regulations on information technology

What is the purpose of National Institute of Standards and Technology Special Publication 800-30?

• To describe the history of cybersecurity
• To provide security guidelines for federal computer systems (correct)
• To outline the development of computer hardware
• To promote international cybersecurity standards

What is included in the Risk Management Overview as mentioned in the text?

Importance of risk management and integration into SDLC (A)

Which step of risk assessment involves Threat Identification?

Step 2 (C)

What is the main focus of Special Publication 800-30?

Risk management for information technology systems (B)

Who are the authors of Special Publication 800-30?

Gary Stoneburner, Alice Goguen, and Alexis Feringa (C)

What is the role of the Information Technology Laboratory (ITL) at the National Institute of Standards and Technology?

Developing tests and test methods for information technology (C)

Which organization does Booz Allen Hamilton Inc. belong to?

U.S. Department of Commerce (C)

What is the publication date of Special Publication 800-30?

July 2002 (B)

Flashcards are hidden until you start studying