
ISC2 CSSLP Exam - Topic 5 Question 109 Discussion

Actual exam question for ISC2's CSSLP exam
Question #: 109
Topic #: 5

You work as a security engineer for BlueWell Inc. Which of the following documents will you use as a guide for the security certification and accreditation of Federal Information Systems?

Suggested Answer: C

NIST has developed a suite of documents for conducting Certification & Accreditation (C&A). These documents are as follows:

NIST Special Publication 800-37: This document is a guide for the security certification and accreditation of Federal Information Systems.

NIST Special Publication 800-53: This document provides a guideline for security controls for Federal Information Systems.

NIST Special Publication 800-53A: This document consists of techniques and procedures for verifying the effectiveness of security controls in Federal Information Systems.

NIST Special Publication 800-59: This document is a guideline for identifying an information system as a National Security System.

NIST Special Publication 800-60: This document is a guide for mapping types of information and information systems to security objectives and risk levels.


Contribute your Thoughts:

Matt
1 day ago
800-60 is more about categorization, not certs.
upvoted 0 times
...
Rex
7 days ago
I thought it was 800-53? Seems like a solid choice too.
upvoted 0 times
...
Lorrine
12 days ago
Definitely NIST SP 800-37 for certification!
upvoted 0 times
...
Felicitas
17 days ago
NIST SP 800-37 is the answer, no doubt. Unless you're a security engineer who's been living under a rock.
upvoted 0 times
...
Youlanda
22 days ago
NIST SP 800-37 is the document you want. It's like the security certification bible for federal agencies.
upvoted 0 times
...
Cornell
27 days ago
NIST SP 800-59? Really? That's for identifying and categorizing federal information and information systems. Not what we're looking for here.
upvoted 0 times
...
Gary
2 months ago
NIST SP 800-60 is the way to go. It's all about defining security categories for information and information systems.
upvoted 0 times
...
Jade
2 months ago
I'm pretty sure NIST SP 800-53 is the right answer. It covers security controls for federal information systems.
upvoted 0 times
...
Brittney
2 months ago
NIST SP 800-37 is the correct answer. It provides guidance for the security certification and accreditation of federal information systems.
upvoted 0 times
...
Kristofer
2 months ago
I’m leaning towards 800-37 too, but I wonder if there’s a chance it could be 800-53 since it’s so widely referenced in security frameworks.
upvoted 0 times
...
Georgeanna
2 months ago
I feel like 800-60 and 800-59 are related to categorization and guidelines, but I can't recall their exact roles in certification.
upvoted 0 times
...
Stephen
2 months ago
I remember practicing with a question about NIST documents, and I think 800-53 is more about security controls, not specifically for certification.
upvoted 0 times
...
Stephane
3 months ago
I think it might be NIST SP 800-37 since it covers the risk management framework, but I'm not entirely sure.
upvoted 0 times
...
Karl
3 months ago
Alright, time to put my security knowledge to the test. I think the answer is C, NIST SP 800-37. That's the guide that outlines the steps for certifying and accrediting federal information systems, if I'm not mistaken.
upvoted 0 times
...
Kristeen
3 months ago
I'm a bit unsure on this one. I know NIST has a lot of different publications, and it's hard to keep track of which one covers what. I'll have to review my notes to refresh my memory.
upvoted 0 times
...
Regenia
3 months ago
Ah, I remember learning about this in class. I'm pretty confident the answer is C, NIST SP 800-37. That's the guide for the security certification and accreditation process.
upvoted 0 times
...
Kayleigh
3 months ago
Okay, let me think this through. I know 800-53 covers security controls, so that's not the right one. I'm leaning towards C, but I'll double-check the descriptions just to be sure.
upvoted 0 times
...
Aleta
4 months ago
Hmm, I think 800-37 is the one for security certification and accreditation, but I'm not 100% sure.
upvoted 0 times
...
