Certified Incident Handler (CIH) Practice Exam


Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



Which FedRAMP baseline security control corresponds to impact levels of 26, 18, and 7 for high, moderate, and low risks?

  1. Access Control

  2. Incident Response

  3. System Security Plan

  4. Configuration Management

The correct answer is: Incident Response

In the context of the Federal Risk and Authorization Management Program (FedRAMP), Incident Response refers to the capabilities and procedures that an organization must have in place to effectively manage and respond to security incidents that may affect information systems. The impact levels of 26, 18, and 7 correspond to the classification of controls based on the potential damage that a security incident could cause, which is in line with the high, moderate, and low risk categorizations. High-impact scenarios require robust incident response protocols due to the potential for significant disruption or loss. Moderate and low impacts still necessitate defined response protocols, but the complexity and immediacy of response may differ accordingly.

Access Control, System Security Plan, and Configuration Management are all critical components of FedRAMP security frameworks but focus on different aspects of security. Access Control deals with limiting access to sensitive information, the System Security Plan outlines the overall security controls, and Configuration Management pertains to maintaining secure configurations of systems. While all these elements are vital to a comprehensive security strategy, they do not specifically address the procedural requirements for responding to incidents in the context of varying impact levels like Incident Response does.