ATO LEVEL II: ANTITERRORISM LEVEL 2
TRAINING
Iscm strategy at this level is focused on ensuring that all system-level security
controls are implemented
... [Show More] correctly, operate as intended, produce the desired
outcome with respect to meeting the security requirements for the system, and
continue to be effective over time. - tier 3
which of the following are security-focused configuration management (seccm)
roles in risk management? - a.) ensuring that adjustments to the system
configuration do not adversely affect the security of the information system b.)
establishing configuration baselines and tracking, controlling, and managing
aspects of business development c.) ensuring that adjustments to the system
configuration do not adversely affect the organizations operations
this security configuration management (cm) control includes physical and logical
access controls and prevents the installation of software and firmware unless
verified with an approved certificate. - access restrictions for change
this security configuration management (cm) control ensures that software use
complies with contract agreements and copyright laws, tracks usage, and is not
used for unauthorized distribution, display, performance, or reproduction. -
software usage restrictions
this security configuration management (cm) control involves the systematic
proposal, justification, implementation, testing, review, and disposition of changes
to the systems, including system upgrades and modifications. - configuration
change control
this security configuration management (cm) control applies to the parameters that
can be changed in hardware, software, or firmware components that affect the
security posture and/or funtionality of the system, including registry settings,
account/directory permission setting, and settings for functions, ports and
protocols. - configuration settings
which of the following describes the role of the national industrial security
program (nisp) in continuous monitoring? - the nisp ensures that monitoring
requirements, restrictions, and safeguards that industry must follow are in place
before any classified work may begin. [Show Less]