ISC2 CSSLP Exam - Topic 5 Question 109 Discussion

Actual exam question for ISC2's CSSLP exam
Question #: 109
Topic #: 5

You work as a security engineer for BlueWell Inc. Which of the following documents will you use as a guide for the security certification and accreditation of Federal Information Systems?

Suggested Answer: C

NIST has developed a suite of documents for conducting Certification & Accreditation (C&A). These documents are as follows:

NIST Special Publication 800-37: This document is a guide for the security certification and accreditation of Federal Information Systems.

NIST Special Publication 800-53: This document provides a guideline for security controls for Federal Information Systems.

NIST Special Publication 800-53A: This document consists of techniques and procedures for verifying the effectiveness of security controls in Federal Information Systems.

NIST Special Publication 800-59: This document is a guideline for identifying an information system as a National Security System.

NIST Special Publication 800-60: This document is a guide for mapping types of information and information systems to security objectives and risk levels.


Gary
3 days ago
NIST SP 800-60 is the way to go. It's all about defining security categories for information and information systems.
upvoted 0 times
...
Jade
8 days ago
I'm pretty sure NIST SP 800-53 is the right answer. It covers security controls for federal information systems.
upvoted 0 times
...
Brittney
13 days ago
NIST SP 800-37 is the correct answer. It provides guidance for the security certification and accreditation of federal information systems.
upvoted 0 times
...
Kristofer
19 days ago
I’m leaning towards 800-37 too, but I wonder if there’s a chance it could be 800-53 since it’s so widely referenced in security frameworks.
upvoted 0 times
...
Georgeanna
24 days ago
I feel like 800-60 and 800-59 are related to categorization and guidelines, but I can't recall their exact roles in certification.
upvoted 0 times
...
Stephen
29 days ago
I remember practicing with a question about NIST documents, and I think 800-53 is more about security controls, not specifically for certification.
upvoted 0 times
...
Stephane
1 month ago
I think it might be NIST SP 800-37 since it covers the risk management framework, but I'm not entirely sure.
upvoted 0 times
...
Karl
1 month ago
Alright, time to put my security knowledge to the test. I think the answer is C, NIST SP 800-37. That's the guide that outlines the steps for certifying and accrediting federal information systems, if I'm not mistaken.
upvoted 0 times
...
Kristeen
1 month ago
I'm a bit unsure on this one. I know NIST has a lot of different publications, and it's hard to keep track of which one covers what. I'll have to review my notes to refresh my memory.
upvoted 0 times
...
Regenia
2 months ago
Ah, I remember learning about this in class. I'm pretty confident the answer is C, NIST SP 800-37. That's the guide for the security certification and accreditation process.
upvoted 0 times
...
Kayleigh
2 months ago
Okay, let me think this through. I know 800-53 covers security controls, so that's not the right one. I'm leaning towards C, but I'll double-check the descriptions just to be sure.
upvoted 0 times
...
Aleta
2 months ago
Hmm, I think 800-37 is the one for security certification and accreditation, but I'm not 100% sure.
upvoted 0 times
...