nerdexam
(ISC)2

CAP · Question #71

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?

The correct answer is A. SSAA. SSAA stands for System Security Authorization Agreement. It is a formal DoD document used to describe the security requirements and accreditation status of a system or network. It serves as the primary security document that captures the system's security configuration, controls,

System Compliance

Question

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?

Options

  • ASSAA
  • BFIPS
  • CFITSAF
  • DTCSEC

How the community answered

(58 responses)
  • A
    90% (52)
  • B
    3% (2)
  • C
    5% (3)
  • D
    2% (1)

Explanation

SSAA stands for System Security Authorization Agreement. It is a formal DoD document used to describe the security requirements and accreditation status of a system or network. It serves as the primary security document that captures the system's security configuration, controls, and authorization to operate (ATO). FIPS (Federal Information Processing Standards) are general federal standards; FITSAF (Federal IT Security Assessment Framework) is a framework for assessing IT security; and TCSEC (Trusted Computer System Evaluation Criteria) is a standard for evaluating security in computer systems - none of these are the specific DoD accreditation document.

Topics

#DoD Security#System Accreditation#SSAA#Authorization Documents

Community Discussion

No community discussion yet for this question.

Full CAP Practice