ISC2 ISSEP Exam - Topic 5 Question 101 Discussion

Actual exam question for ISC2's ISSEP exam

Question #: 101
Topic #: 5

Which of the following NIST Special Publication documents provides a guideline on questionnaires and checklists through which systems can be evaluated for compliance against specific control objectives

ANIST SP 800-53A

BNIST SP 800-37

CNIST SP 800-53

DNIST SP 800-26

ENIST SP 800-59

FNIST SP 800-60

Show Suggested Answer

Suggested Answer: D

by Casey at Jun 13, 2025, 04:41 AM

Limited Time Offer

25%

Off

Get Premium ISSEP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Carin

2 months ago

NIST SP 800-26 is outdated, right? Why is it even an option?

upvoted 0 times

...

Melina

2 months ago

I thought it was NIST SP 800-53, but now I'm not so sure.

upvoted 0 times

...

Melda

2 months ago

I'm pretty sure it's NIST SP 800-53A.

upvoted 0 times

...

Terrilyn

3 months ago

Wait, isn't NIST SP 800-37 more about risk management?

upvoted 0 times

...

Susy

3 months ago

Yeah, I agree, that one covers compliance evaluations.

upvoted 0 times

...

Lenna

3 months ago

I vaguely recall that NIST SP 800-26 was related to security self-assessments, but I can't remember if it fits this question.

upvoted 0 times

...

Janessa

3 months ago

I feel like NIST SP 800-37 is more about risk management frameworks, so it probably isn't the answer.

upvoted 0 times

...

Eva

4 months ago

I remember studying NIST SP 800-53 for controls, but I don't think it specifically covers questionnaires.

upvoted 0 times

...

Carmen

4 months ago

I think NIST SP 800-53A might be the right one since it deals with assessment and evaluation, but I'm not entirely sure.

upvoted 0 times

...

France

4 months ago

Based on my understanding, NIST SP 800-53A is the document that provides guidance on using questionnaires and checklists to evaluate systems for compliance with security controls. I feel confident that this is the correct answer.

upvoted 0 times

...

Benedict

4 months ago

I'm a bit confused by the wording of this question. Does it mean which NIST SP document provides the actual questionnaires and checklists, or just guidelines on how to develop them? I'll need to re-read the question carefully before selecting an answer.

upvoted 0 times

...

Tammara

4 months ago

Okay, let me think this through. NIST SP 800-53 covers the security controls themselves, while 800-37 is about the risk management framework. I'm leaning towards 800-53A as the best answer, since it seems to be focused on the assessment and evaluation process.

upvoted 0 times

...

Sherrell

5 months ago

Hmm, I'm a bit unsure about this one. I'll need to review the descriptions of the different NIST SP documents to determine which one is most likely to cover questionnaires and checklists for compliance.

upvoted 0 times

...

Albina

5 months ago

I'm pretty sure the answer is NIST SP 800-53A, since that document provides guidelines on evaluating systems for compliance with security controls.

upvoted 0 times

...

Lorean

7 months ago

I hope the exam doesn't ask us to recite the entire list of NIST SPs from memory. That would be a real nightmare!

upvoted 0 times

Shawna

6 months ago

E) NIST SP 800-59

upvoted 0 times

...

Brittni

6 months ago

C) NIST SP 800-53

upvoted 0 times

...

Jose

6 months ago

A) NIST SP 800-53A

upvoted 0 times

...

Darrin

8 months ago

I'm not sure, but I think it might be C) NIST SP 800-53.

upvoted 0 times

...

Coral

8 months ago

I agree with Izetta, because NIST SP 800-53A focuses on evaluation methods.

upvoted 0 times

...

Maynard

8 months ago

If I had a nickel for every NIST special publication, I'd be able to buy a whole server farm to store them all!

upvoted 0 times

Jacinta

7 months ago

F) NIST SP 800-60

upvoted 0 times

...

Melissa

7 months ago

E) NIST SP 800-59

upvoted 0 times

...

Suzan

7 months ago

D) NIST SP 800-26

upvoted 0 times

...

King

7 months ago

C) NIST SP 800-53

upvoted 0 times

...

Alyssa

7 months ago

B) NIST SP 800-37

upvoted 0 times

...

Shantay

8 months ago

A) NIST SP 800-53A

upvoted 0 times

...

Izetta

8 months ago

I think the answer is A) NIST SP 800-53A.

upvoted 0 times

...

Amber

8 months ago

Definitely NIST SP 800-53A. That's the one that gives you the checklists and questionnaires to evaluate your system's compliance.

upvoted 0 times

Keneth

8 months ago

Yes, NIST SP 800-53A provides the guidelines for using questionnaires and checklists to evaluate systems.

upvoted 0 times

...

Keneth

8 months ago

I agree, NIST SP 800-53A is the one for evaluating compliance with specific control objectives.

upvoted 0 times

...

Elliot

8 months ago

Hmm, I'm not sure. NIST SP 800-53 might be a better fit since it covers the controls themselves, but I could be wrong.

upvoted 0 times

...

Arlette

8 months ago

I'd go with option D, NIST SP 800-26. That one focuses on self-assessments and questionnaires, doesn't it?

upvoted 0 times

Deeann

7 months ago

I agree, NIST SP 800-26 is the one to go with for compliance evaluations.

upvoted 0 times

...

Dulce

7 months ago

Great choice! NIST SP 800-26 is the document that provides guidelines on questionnaires and checklists for system evaluations.

upvoted 0 times

...

Aleshia

7 months ago

Yes, you are correct. NIST SP 800-26 focuses on self-assessments and questionnaires.

upvoted 0 times

...

Dominga

7 months ago

F) NIST SP 800-60

upvoted 0 times

...

Nicolette

7 months ago

E) NIST SP 800-59

upvoted 0 times

...

Walton

7 months ago

D) NIST SP 800-26

upvoted 0 times

...

Kanisha

8 months ago

C) NIST SP 800-53

upvoted 0 times

...

Ronna

8 months ago

B) NIST SP 800-37

upvoted 0 times

...

Dawne

8 months ago

A) NIST SP 800-53A

upvoted 0 times

...

Ollie

8 months ago

NIST SP 800-53A seems like the right choice here. It provides guidance on how to assess controls and determine compliance.

upvoted 0 times

Jovita

8 months ago

Yes, NIST SP 800-53A is the document that focuses on questionnaires and checklists for compliance evaluation.

upvoted 0 times

...

Gwenn

8 months ago

I agree, NIST SP 800-53A provides guidelines for assessing controls against specific objectives.

upvoted 0 times

...

Tijuana

8 months ago

I think NIST SP 800-53A is the correct choice for evaluating compliance.

upvoted 0 times

...