CISSP-ISSEP · Question #214
Which of the following CNSS policies describes the national policy on controlled access protection?
The correct answer is B. NSTISSP No. 200. NSTISSP No. 200 is the National Policy on Controlled Access Protection, establishing minimum security requirements for information systems that enforce access controls based on user identity and authorization - making B the correct answer. Why the distractors are wrong: A (NSTISS
Question
Which of the following CNSS policies describes the national policy on controlled access protection?
Options
- ANSTISSP No. 101
- BNSTISSP No. 200
- CNCSC No. 5
- DCNSSP No. 14
How the community answered
(21 responses)- A5% (1)
- B95% (20)
Explanation
NSTISSP No. 200 is the National Policy on Controlled Access Protection, establishing minimum security requirements for information systems that enforce access controls based on user identity and authorization - making B the correct answer.
Why the distractors are wrong:
- A (NSTISSP No. 101) covers national policy on securing wireless communications, not controlled access protection.
- C (NCSC No. 5) is a National Computer Security Center document related to trusted network interpretation - an older technical guideline, not the national policy on controlled access.
- D (CNSSP No. 14) governs the release of information security products to foreign governments, an entirely different domain.
Memory tip: Think "200 = access control" - just as access control lists have many entries managing who gets in, No. 200 manages the policy behind that access. The "2" in 200 can remind you of the two key concepts: who (identity) and what (authorization).
Topics
Community Discussion
No community discussion yet for this question.