CERTIFIED-IN-CYBERSECURITY Question #291: Real Exam Question with Answer & Explanation

Question

Which U.S. government agency within the Department of Commerce publishes and makes available for free download a wide variety of technical standards, including those for information technology and information security?

Options

• AInternational Organization for Standardization (ISO)
• BInternet Engineering Task Force (IETF)
• CNational Institute of Standards and Technology (NIST)
• DInstitute of Electrical and Electronics Engineers (IEEE)

Explanation

National Institute of Standards and Technology (NIST). NIST is a U.S. government agency within the Department of Commerce that publishes a wide variety of technical standards, including those for information technology and information security. For example, NIST Special Publication 800-53 provides a catalog of security and privacy controls for federal information systems and organizations (ISC2 Study Guide, Module 4, under Governance Elements). The International Organization for Standardization (ISO) is incorrect because it is an independent, non- governmental international organization that develops standards but does not make them available for free download. The Internet Engineering Task Force (IETF) is also incorrect because it develops and promotes voluntary Internet standards, but it doesn't make a wide variety of technical standards available for free download. Finally, the Institute of Electrical and Electronics Engineers (IEEE) is inaccurate because it develops standards for a wide range of industries, but does not make them available for free download.

No community discussion yet for this question.