EC-Council

312-50V10 Question #81: Real Exam Question with Answer & Explanation

The correct answer is D: NIST-800-53. NIST Special Publication 800-53 is the authoritative catalog of security and privacy controls for U.S. federal information systems.

Information Security and Ethical Hacking Fundamentals

Question

Which regulation defines security and privacy controls for Federal information systems and organizations?

Options

  • A. HIPAA
  • B. EU Safe Harbor
  • C. PCI-DSS
  • D. NIST-800-53

Explanation

NIST Special Publication 800-53 is the authoritative catalog of security and privacy controls for U.S. federal information systems.

Common mistakes.

  • A. HIPAA (Health Insurance Portability and Accountability Act) governs the privacy and security of protected health information in the healthcare sector, not federal information systems broadly.
  • B. EU Safe Harbor was a framework governing personal data transfers between the European Union and the United States for commercial entities, and has since been invalidated and replaced.
  • C. PCI-DSS (Payment Card Industry Data Security Standard) is an industry-specific standard for organizations that handle payment card data, not a federal government security control framework.

Concept tested. NIST 800-53 federal security control framework

Reference. https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final

Topics

#NIST-800-53 #compliance frameworks #federal security #privacy controls
