Which RMF step involves selecting security baselines to define the initial set of controls?

Study for the RMF Steps, Tasks, and Outcomes Test. Get ready for your exam with flashcards, multiple choice questions, and in-depth explanations. Master each step and outcome with ease!

Multiple Choice

Which RMF step involves selecting security baselines to define the initial set of controls?

Explanation:
In RMF, the step you take to define the starting set of protections is to select security controls by choosing an appropriate baseline from NIST SP 800-53 (low, moderate, or high) and tailoring it to the system’s specifics. After you determine the system’s impact level, you pick the baseline that provides the initial control set and adjust it to address unique risks. This initial selection lays the foundation for what will be implemented and subsequently assessed and monitored. It’s distinct from categorization, which assigns an impact level, from implementing, which applies the chosen controls, and from monitoring, which is ongoing oversight.

