nerdexam
(ISC)2

CAP · Question #356

Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answ

The correct answer is C. Office of Management and Budget (OMB) D. FISMA. Both OMB (C) and FISMA (D) mandate that federal general support systems and major applications undergo Certification and Accreditation (C&A) before going into production. FISMA (Federal Information Security Management Act) is the law that formally requires this process for federa

Security and Privacy Governance, Risk Management, and Compliance Program

Question

Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answer represents a part of the solution. Choose all that apply.

Options

  • ANIST
  • BFIPS
  • COffice of Management and Budget (OMB)
  • DFISMA

How the community answered

(35 responses)
  • A
    6% (2)
  • B
    9% (3)
  • C
    86% (30)

Explanation

Both OMB (C) and FISMA (D) mandate that federal general support systems and major applications undergo Certification and Accreditation (C&A) before going into production. FISMA (Federal Information Security Management Act) is the law that formally requires this process for federal information systems. OMB's Circular A-130 implements FISMA requirements and enforces that agencies certify and accredit systems. NIST (A) provides the guidelines and standards (like SP 800-37) for how C&A is performed, but does not issue the mandate itself. FIPS (B) defines standards for cryptography and data processing, not C&A requirements.

Topics

#FISMA#OMB#Security Authorization#Federal Compliance

Community Discussion

No community discussion yet for this question.

Full CAP Practice