What are security control baselines in RMF?

Study for the RMF Steps, Tasks, and Outcomes Test. Get ready for your exam with flashcards, multiple choice questions, and in-depth explanations. Master each step and outcome with ease!

Multiple Choice

What are security control baselines in RMF?

Explanation:
Security control baselines are predefined groups of security controls aligned to impact levels that provide the starting point for selecting controls in RMF Step 2. They come from guidance like NIST SP 800-53 and reflect the typical controls needed for systems categorized as Low, Moderate, or High impact. Organizations tailor these baselines to their environment, adding or adjusting controls to address specific risks and mission requirements before proceeding with implementation and assessment. They are not an all-encompassing list of every possible control for every system, they are not organizational data-handling policies, and they do not measure control performance—that happens later during assessment and continuous monitoring.

