Which NIST SP 800-53 family covers identification and authentication of entities before access decisions, and is commonly implemented by a TA?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Trusted Agent Exam with engaging questions, flashcards, and detailed explanations. Dive deep into essential topics to increase your chances of success. Ace your exam with confidence!

Multiple Choice

Which NIST SP 800-53 family covers identification and authentication of entities before access decisions, and is commonly implemented by a TA?

Explanation:
Identifying who is attempting to access a resource and proving they are who they claim before any access decision is made is the focus here. This is exactly what the Identification & Authentication family covers in NIST SP 800-53, including identity proofing, issuing credentials, and authentication methods (like passwords, tokens, or certificates). A Trusted Agent is commonly involved in handling these processes to ensure strong verification before granting access. The other families address different concerns: Access Control governs how access is granted or denied after identity is established; Audit & Accountability deals with logging and monitoring user actions; System & Communications Protection concentrates on safeguarding data and communications. So, identifying and authenticating entities before access decisions aligns best with the IA family.

Identifying who is attempting to access a resource and proving they are who they claim before any access decision is made is the focus here. This is exactly what the Identification & Authentication family covers in NIST SP 800-53, including identity proofing, issuing credentials, and authentication methods (like passwords, tokens, or certificates). A Trusted Agent is commonly involved in handling these processes to ensure strong verification before granting access. The other families address different concerns: Access Control governs how access is granted or denied after identity is established; Audit & Accountability deals with logging and monitoring user actions; System & Communications Protection concentrates on safeguarding data and communications. So, identifying and authenticating entities before access decisions aligns best with the IA family.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy