(ISC)2(ISC)2
CAP · Question #296
CAP Question #296: Real Exam Question with Answer & Explanation
The correct answer is B: SC information system = {(confidentiality, impact), (integrity, impact),(availability, impact)}. See the full explanation below for the reasoning.
Security and Privacy Governance, Risk Management, and Compliance Program
Question
Which of the following formulas was developed by FIPS 199 for categorization of an information system?
Options
- ASC information system = {(confidentiality, impact), (integrity, controls), (availability, risk)}
- BSC information system = {(confidentiality, impact), (integrity, impact),(availability, impact)}
- CSC information system = {(confidentiality, controls), (integrity, controls), (availability,
- DSC information system = {(confidentiality, risk), (integrity, impact), (availability, controls)}
Topics
#FIPS 199#Information System Categorization#Security Categorization#CIA Impact Levels
Community Discussion
No community discussion yet for this question.