312-50V9 · Question #347
Security and privacy of/on information systems are two entities that requires lawful regulations. Which of the following regulations defines security and privacy controls for Federal information syste
The correct answer is A. NIST SP 800-53. NIST SP 800-53 is the federal standard for security and privacy controls applicable to U.S. government information systems and organizations.
Question
Security and privacy of/on information systems are two entities that requires lawful regulations. Which of the following regulations defines security and privacy controls for Federal information systems and organizations?
Options
- ANIST SP 800-53
- BPCI-DSS
- CEU Safe Harbor
- DHIPAA
How the community answered
(21 responses)- A90% (19)
- C5% (1)
- D5% (1)
Why each option
NIST SP 800-53 is the federal standard for security and privacy controls applicable to U.S. government information systems and organizations.
NIST SP 800-53 'Security and Privacy Controls for Information Systems and Organizations' is a publication by the National Institute of Standards and Technology that provides a comprehensive catalog of security and privacy controls specifically designed for federal information systems. It is mandated under FISMA for U.S. federal agencies and serves as the authoritative framework for assessing and selecting controls to manage risk. No other listed regulation fulfills this specific federal mandate.
PCI-DSS (Payment Card Industry Data Security Standard) governs the protection of cardholder data for organizations that process card payments, not federal information systems.
EU Safe Harbor was a framework governing the transfer of personal data between the European Union and the United States for commercial entities, not a federal systems security control standard.
HIPAA (Health Insurance Portability and Accountability Act) establishes privacy and security rules for protected health information in the healthcare industry, not for federal information systems broadly.
Concept tested: NIST SP 800-53 federal security and privacy controls
Source: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
Topics
Community Discussion
No community discussion yet for this question.