Which of the following NIST Special Publication documents provides a guideline on questionnaires
and checklists through which systems can be evaluated for compliance against specific control
objectives?
A.
NIST SP 800-37
B.
NIST SP 800-26
C.
NIST SP 800-53A
D.
NIST SP 800-59
E.
NIST SP 800-53
F.
NIST SP 800-60
Explanation:
NIST SP 800-26 (Security Self-Assessment Guide for Information Technology
Systems) provides a guideline on questionnaires and checklists through which systems can be
incorrect. NIST has developed a suite of documents for conducting Certification & Accreditation
(C&A). These documents are as follows:
NIST Special Publication 800-37: This document is a guide for the security certification and
accreditation of Federal Information Systems. NIST Special Publication 800-53: This document
provides a guideline for security controls for Federal Information Systems. NIST Special
Publication 800-53A. This document consists of techniques and procedures for verifying the
effectiveness of security controls in Federal Information System. NIST Special Publication 800-59:
This document is a guideline for identifying an information system as a National Security System.
NIST Special Publication 800-60: This document is a guide for mapping types of information and
information systems to security objectives and risk levels.