EC-Council
312-50V9 · Question #347
312-50V9 Question #347: Real Exam Question with Answer & Explanation
The correct answer is A: NIST SP 800-53.
Question
Security and privacy of information systems are two entities that require lawful regulations. Which of the following regulations defines security and privacy controls for Federal information systems and organizations?
Options
- A. NIST SP 800-53
- B. PCI-DSS
- C. EU Safe Harbor
- D. HIPAA
Explanation
NIST SP 800-53 is the federal standard for security and privacy controls applicable to U.S. government information systems and organizations.
Common mistakes.
- B. PCI-DSS (Payment Card Industry Data Security Standard) governs the protection of cardholder data for organizations that process card payments, not federal information systems.
- C. EU Safe Harbor was a framework governing the transfer of personal data between the European Union and the United States for commercial entities, not a federal systems security control standard.
- D. HIPAA (Health Insurance Portability and Accountability Act) establishes privacy and security rules for protected health information in the healthcare industry, not for federal information systems broadly.
Concept tested. NIST SP 800-53 federal security and privacy controls
Reference. https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final