Secure Software Lifecycle Professional – CSSLP – Question 226
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?
A. Level 4
B. Level 5
C. Level 2
D. Level 3
E. Level 1
Correct Answer: A
Explanation:
The following are the five levels of FITSAF based on SEI’s Capability Maturity Model (CMM):
Level 1: The first level reflects that an asset has documented a security policy.
Level 2: The second level shows that the asset has documented procedures and controls to implement the policy.
Level 3: The third level indicates that these procedures and controls have been implemented.
Level 4: The fourth level shows that the procedures and controls are tested and reviewed.
Level 5: The fifth level is the final level and shows that the asset has procedures and controls fully integrated into a comprehensive program.