CSSLP · Question #244
CSSLP Question #244: Real Exam Question with Answer & Explanation
The correct answer is B: DoD 8500.1 Information Assurance (IA). DoD Directive 8500.1, titled 'Information Assurance (IA),' established the foundational policies and responsibilities for implementing a comprehensive defense-in-depth approach to information assurance across the Department of Defense.
Question
Which of the following DoD policies establishes policies and assigns responsibilities to achieve DoD IA through a defense-in-depth approach that integrates the capabilities of personnel, operations, and technology, and supports the evolution to network-centric warfare?
Options
- ADoDI 5200.40
- BDoD 8500.1 Information Assurance (IA)
- CDoD 8510.1-M DITSCAP
- DDoD 8500.2 Information Assurance Implementation
Explanation
DoD Directive 8500.1, titled 'Information Assurance (IA),' established the foundational policies and responsibilities for implementing a comprehensive defense-in-depth approach to information assurance across the Department of Defense.
Common mistakes.
- A. DoDI 5200.40 'DoD Information Technology (IT) Security Certification and Accreditation Process (DITSCAP)' was a specific instruction for C&A, not the broader IA policy.
- C. DoD 8510.1-M DITSCAP was a manual providing detailed procedures for the DITSCAP process, which is a component of IA but not the comprehensive policy itself.
- D. DoD 8500.2 'Information Assurance Implementation' was a supporting document to 8500.1, providing guidance for implementing IA controls, rather than the primary policy establishing the overall approach.
Concept tested. DoD Information Assurance foundational policy
Reference. https://irp.fas.org/doddir/dod/d8500_1.pdf
Topics
Community Discussion
No community discussion yet for this question.