ISC2 ISSEP Exam - Topic 2 Question 32 Discussion

Actual exam question for ISC2's ISSEP exam
Question #: 32
Topic #: 2

Which of the following NIST Special Publication documents provides a guideline on questionnaires and checklists through which systems can be evaluated for compliance against specific control objectives?

Suggested Answer: D

NIST SP 800-26 (Security Self-Assessment Guide for Information Technology Systems) provides a guideline on questionnaires and checklists through which systems can be evaluated for compliance against specific control objectives.

Answer options B, C, A, E, and F are incorrect. NIST has developed a suite of documents for conducting Certification & Accreditation (C&A).

These documents are as follows:

NIST Special Publication 800-37: This document is a guide for the security certification and accreditation of Federal Information Systems.

NIST Special Publication 800-53: This document provides a guideline for security controls for Federal Information Systems.

NIST Special Publication 800-53A: This document consists of techniques and procedures for verifying the effectiveness of security controls in Federal Information Systems.

NIST Special Publication 800-59: This document is a guideline for identifying an information system as a National Security System.

NIST Special Publication 800-60: This document is a guide for mapping types of information and information systems to security objectives and risk levels.


Contribute your Thoughts:

Aracelis
4 months ago
I agree, 800-53A makes the most sense here.
upvoted 0 times
...
Della
4 months ago
Wait, are we sure about that?
upvoted 0 times
...
Josefa
4 months ago
800-53A is the one for compliance checklists!
upvoted 0 times
...
Lorrie
4 months ago
I thought it was 800-37?
upvoted 0 times
...
Yolande
5 months ago
It's definitely NIST SP 800-53A.
upvoted 0 times
...
Jacqueline
5 months ago
I vaguely recall NIST SP 800-26 discussing assessments too, but I can't remember the specifics.
upvoted 0 times
...
Valentin
5 months ago
I feel like NIST SP 800-53 is more about the controls themselves, not the evaluation process.
upvoted 0 times
...
Shaquana
5 months ago
I think it's NIST SP 800-53A because it focuses on assessment and evaluation, right?
upvoted 0 times
...
Karima
5 months ago
I'm not entirely sure, but I remember something about NIST SP 800-37 being related to risk management.
upvoted 0 times
...
Dorian
5 months ago
This is a well-written business case, so I'm going to go with True. The numbers and the gap over the target are all clearly stated, which makes it easy to understand the situation.
upvoted 0 times
...
Lizbeth
5 months ago
I'm not too familiar with EPMA or FDM, so I'll need to review those options more closely. But I'm confident I can figure this out.
upvoted 0 times
...
Alpha
5 months ago
I remember something about AWSR being dependent on licenses for certain features, so I'm not sure about option B.
upvoted 0 times
...
