Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

32 CFR Part 2002 > 2002.14.h - Information systems > Flashcards

2002.14.h - Information systems Flashcards

1
Q

Information systems that process, store, or transmit CUI are of two different types: ______ ___________ ______ and ___-_______ ___________ ______

A

Federal information system and non-Federal information system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A Federal information system is an information system used or operated by an ______ or by a __________ of an ______ or other organization on behalf of an ______.

A

agency or by a contractor of an agency or other organization on behalf of an agency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A Federal information system operated on behalf of an agency provides information processing services to the agency that the Government might otherwise perform itself but has decided to _________.

A

outsource

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Federal information systems includes systems operated exclusively for (a)__________ use and systems operated for (b)________ _______ ________ or __________ and ______ ______ users.

A

(a) Government

(b) multiple Federal agencies

(c) Government and private sector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

An agency may require systems operated on its behalf by ___-_________ ______ entities to meet additional requirements the agency sets for its own internal systems.

A

non-executive branch

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A ___-_______ ___________ ______ is any information system that does not meet the criteria for a Federal information system

A

non-Federal information system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Agencies (a)___ ___ treat non-Federal information systems as though they are agency systems, so agencies (b)______ require that non-executive branch entities protect these systems in the same manner that the agencies might protect their own information systems.

A

(a) may not

(b) cannot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

When a non-executive branch entity receives Federal information only __________ to providing a service or product to the Government other than processing services, its information systems are not considered Federal information systems.

A

incidental

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

NIST SP 800–171 defines the requirements necessary to protect CUI Basic on ___-_______ information systems in accordance with the requirements of 32 CFR Part 2002.

A

non-Federal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Agencies must use NIST SP ___–___ when establishing security requirements to protect CUI’s confidentiality on non-Federal information systems.

A

800–171

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Authorizing law, regulation, or policy listed in the CUI Registry for the CUI category or subcategory of the information involved prescribing specific safeguarding requirements for protecting the information’s confidentiality, or an agreement establishing requirements to protect CUI Basic at higher than moderate confidentiality overrides NIST SP 800-171 requirements.
T/F

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

32 CFR Part 2002 (21 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions