FITSP - Auditor Questions Newest 2026-2027 Actual Exam

pg. 1

FITSP - Auditor Questions Newest 2026-2027 Actual Exam With Complete Questions And Correct Detailed Answers (Verified Answers) |Already Graded A+

The following OMB memo announced implementation of commonly accepted security configurations for windows operating systems.

a) M-07-18

b) M-09-32

c) M-10-28

d) M-07-11 - ANSWER-M-07-11

With the publication of OMB M-14-04, Fiscal Year 2013 Reporting Instructions for FISMA and Agency Privacy Management, the signatures of the following two individuals on the ATO are required to authorize a new information system to operate

(select two):

a) CISO

b) CIO

c) AO

d) SAOP - ANSWER-AO and SAOP

• / 4

pg. 2

The FISCAM control hierarchy consists of all of the following

EXCEPT:

a) Control activities

b) Control objectives

c) Critical elements

d) Control categories - ANSWER-Control objectives

FISCAM recommends using the independence standards in the determine the auditor's independence in an agency FISMA audit/evaluation.

a) White Book

b) Orange Book

c) Yellow Book

d) Green Book - ANSWER-Yellow Book

Which law gave OMB the authority to define policies for US Government Agencies? - ANSWER-Paperwork Reduction Act (PRA) - Granted OMB the responsibility to develop Government-wide policies to help other federal agencies comply with the congressional mandates.

Which law assigned responsibilities to NIST for creating standards and guidelines relating to securing 2 / 4

pg. 3

Federal Information Systems? - ANSWER-Computer Security Act (CSA) & Federal Information Security Management Act(FISMA) - Delegated responsibility to NIST and the NSA to create standards and guidelines to help federal agencies comply with congressional mandates.

Which OMB program provides a structure for Agencies to identify business processes? - ANSWER-Federal Enterprise Architecture Business Reference Model (FEA BRM) provides a structure for Agencies to identify business processes.

Which document provides a policy framework for information resources management across the Federal government? - ANSWER-OMB Circular A-130

Which OMB memo requires that agencies safeguard against and respond to breaches of personally identifiable information? - ANSWER-OMB

M-07-16

Name an initiative to create security configuration baselines for Information Technology products widely deployed across the federal agencies. - ANSWER-U.S. Government Configuration Baseline

(USGCB)

• / 4

pg. 4

Agencies are required to adhere to DHS' direction to report data through this automated reporting tool. What is the required frequency of these data feeds? - ANSWER-CyberScope; Monthly for CFO Agencies

What elements are components of an information system?

a) Hardware and software

b) Interconnected systems

c) People

d) All of the above - ANSWER-All of the above

What are some of the threats that the information system faces?

a) Environmental disruptions

b) Human errors

c) Cyber-attacks

d) All of the above - ANSWER-All of the above

During what phase of the SDLC should the organization consider the security requirements (mark all that apply)?

a) Initiation Phase/Development/Acquisition Phase

b) Implementation Phase

c) Operation/Maintenance Phase

• / 4