82 Cards in this Set
- Front
- Back
What control class is "CA" in 800-53 Rev3?
|
800-53 Rev3: Security Assessment and Authorization
|
|
What control class is "PL" in 800-53 Rev3?
|
Planning
|
|
What control class is "PM" in 800-53 Rev3?
|
Program Management
|
|
What control class is "RA" in 800-53 Rev3?
|
Risk Assessment
|
|
What control class is "SA" in 800-53 Rev3?
|
System and Services Acquisition
|
|
What control class is "AT" in 800-53 Rev3?
|
Awareness and Training
|
|
What control class is "CM" in 800-53 Rev3?
|
Configuration Management
|
|
What control class is "CP" in 800-53 Rev3?
|
Contingency Planning
|
|
What control class is "MA" in 800-53 Rev3?
|
Maintenance
|
|
What control class is "MP" in 800-53 Rev3?
|
Media Protection
|
|
What control class is "PE" in 800-53 Rev3?
|
Physical and Environmental Protection
|
|
What control class is "PS" in 800-53 Rev3?
|
Personnel Security
|
|
What control class is "SI" in 800-53 Rev3?
|
System and Information Integrity
|
|
What control class is "AC" in 800-53 Rev3?
|
Access Control
|
|
What control class is "AU" in 800-53 Rev3?
|
Audit and Accountability
|
|
What control class is "IA" in 800-53 Rev3?
|
Identification and Authentication
|
|
What control class is "SC" in 800-53 Rev3?
|
System and Communications Protection
|
|
CA-1
|
Security Assessment and Authorization Policies and Procedure
|
|
CA-2
|
Security Assessments
|
|
CA-3
|
Information System Connections
|
|
CA-4
|
Security Certification
|
|
CA-5
|
Plan of Action and Milestones
|
|
CA-6
|
Security Authorization
|
|
CA-7
|
Continuous Monitoring
|
|
PL-1
|
Security Planning Policy and Procedures
|
|
PL-2
|
System Security Plan
|
|
PL-3
|
System Security Plan Update
|
|
PL-4
|
Rules of Behavior
|
|
PL-5
|
Privacy Impact Assessment
|
|
PL-6
|
Security-related Activity Planning
|
|
PM-1
|
Information Security Program Plan
|
|
PM-2
|
Senior Information Security Officer
|
|
PM-3
|
Information Security Resources
|
|
PM-4
|
Plan of Action and Milestones Process
|
|
PM-5
|
Information System Inventory
|
|
PM-6
|
Information Security Measures of Performance
|
|
PM-7
|
Enterprise Architecture
|
|
PM-8
|
Critical Infrastructure Plan
|
|
PM-9
|
Risk Management Strategy
|
|
PM-10
|
Security Authorization Process
|
|
PM-11
|
Mission/business Process Definition
|
|
RA-1
|
Risk Assessment Policy and Procedures
|
|
RA-2
|
Security Categorization
|
|
RA-3
|
Risk Assessment
|
|
RA-4
|
Risk Assessment Update
|
|
RA-5
|
Vulnerability Scanning
|
|
SA-1
|
System and Services Acquisition Policy and Procedures
|
|
SA-2
|
Allocation of Resources
|
|
SA-3
|
Life Cycle Support
|
|
SA-4
|
Acquisitions
|
|
SA-5
|
Information System Documentation
|
|
SA-6
|
Software Usage Restrictions
|
|
SA-7
|
User-installed Software
|
|
SA-8
|
Security Engineering Principles
|
|
SA-9
|
External Information System Services
|
|
SA-10
|
Developer Configuration Management
|
|
SA-11
|
Developer Security Testing
|
|
SA-12
|
Supply Chain Protection
|
|
SA-13
|
Trustworthiness
|
|
SA-14
|
Critical Information System Components
|
|
AC-1
|
Access Control Policy and Procedures
|
|
AC-2
|
Account Management
|
|
AC-3
|
Access Enforcement
|
|
AC-4
|
Information Flow Enforcement
|
|
AC-5
|
Separation of Duties
|
|
AC-6
|
Least Privilege
|
|
AC-7
|
Unsuccessful Login Attempts
|
|
AC-8
|
System Use Notification
|
|
AC-9
|
Previous Logon (Access) Notification
|
|
AC-10
|
Concurrent Session Control
|
|
AC-11
|
Session Lock
|
|
AC-12
|
Session Termination
|
|
AC-13
|
Supervision and Review Access Control
|
|
AC-14
|
Permitted Actions Without Identification Or Authentication
|
|
AC-15
|
Automated Marking
|
|
AC-16
|
Security Attributes
|
|
AC-17
|
Remote Access
|
|
AC-18
|
Wireless Access
|
|
AC-19
|
Access Control for Mobile Devices
|
|
AC-20
|
Use of External Information Systems
|
|
AC-21
|
User-based Collaboration and Information Sharing
|
|
AC-22
|
Publicly Accessible Content
|