Which of the following NIST SP 800-53A interviews consists of informal and ad hoc interviews?

NIST SP 800-53A defines three types of interview depending on the level of assessment conducted. Which of the following NIST SP 800-53A interviews consists of informal and ad hoc interviews?

NIST SP 800-53A defines three types of interview depending on the level of assessment conducted. Which of the following NIST SP 800-53A interviews consists of informal and ad hoc interviews?

A.
Substantial

B.
Abbreviated

C.
Comprehensive

D.
Significant

Explanation:

Abbreviated interview consists of informal and ad hoc interviews. Answer option A is incorrect. Substantial interview consists of informal and structured interviews. Answer option C is incorrect. Comprehensive interview consists of formal and structured interviews. Answer option D is incorrect. There is no such type of interview in NIST SP 800-53A. What are the three types of interview defined by NIST SP 800-53A? NIST SP 800-53A has defined three types of interview depending on the level of assessment conducted. They are as follows.

1.Abbreviated. This type of interview consists of informal and ad hoc interviews. These interviews comprise generalized, high-level discussions with selected organizational personnel. These discussions are based on particular topics related to the specifications, mechanisms, or activities associated with the security control being assessed.
2.Substantial. This type of interview consists of informal and structured interviews. These interviews comprise generalized, high-level discussions and specific discussions in targeted areas with selected organizational personnel. These discussions are based on particular topics related to the specifications, mechanisms, or activities associated with the security control being assessed. 3.Comprehensive. This type of interview consists of formal and structured interviews. These interviews comprise generalized, high-level discussions and specific, in-depth discussions with selected organizational personnel. These discussions are based on particular topics related to the specifications, mechanisms, or activities associated with the security control being assessed.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


Lincoln Anderson

Lincoln Anderson

This is just a note that this answer set is wrong. According to NIST SP 800-53A Rev 1 (which is what is covered in the current CAP CBK), the levels of interview are Basic, Focused, Comprehensive. I thought Abbreviated might be from an earlier version of 800-53A, but if so, it does not appear on the NIST publication site (http://csrc.nist.gov/publications/PubsSPs.html). The levels can be found in NIST SP 800-53A Rev 1 Appendix D “Assessment Method Descriptions”.