nerdexam
EC-Council

312-50V10 · Question #81

Which regulation defines security and privacy controls for Federal information systems and organizations?

The correct answer is D. NIST-800-53. NIST Special Publication 800-53 is the authoritative catalog of security and privacy controls for U.S. federal information systems.

Information Security and Ethical Hacking Fundamentals

Question

Which regulation defines security and privacy controls for Federal information systems and organizations?

Options

  • AHIPAA
  • BEU Safe Harbor
  • CPCI-DSS
  • DNIST-800-53

How the community answered

(37 responses)
  • A
    5% (2)
  • B
    3% (1)
  • C
    3% (1)
  • D
    89% (33)

Why each option

NIST Special Publication 800-53 is the authoritative catalog of security and privacy controls for U.S. federal information systems.

AHIPAA

HIPAA (Health Insurance Portability and Accountability Act) governs the privacy and security of protected health information in the healthcare sector, not federal information systems broadly.

BEU Safe Harbor

EU Safe Harbor was a framework governing personal data transfers between the European Union and the United States for commercial entities, and has since been invalidated and replaced.

CPCI-DSS

PCI-DSS (Payment Card Industry Data Security Standard) is an industry-specific standard for organizations that handle payment card data, not a federal government security control framework.

DNIST-800-53Correct

NIST SP 800-53 was developed by the National Institute of Standards and Technology specifically to provide a comprehensive catalog of security and privacy controls for federal agencies and information systems, as mandated by FISMA. It defines control families covering areas such as access control, incident response, and risk assessment, and applies directly to federal organizations and their contractors.

Concept tested: NIST 800-53 federal security control framework

Source: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final

Topics

#NIST-800-53#compliance frameworks#federal security#privacy controls

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice