Certified Authorization Professional (CAP) — Question 22

Which of the following NIST publications defines impact?

Answer options

• A. NIST SP 800-41
• B. NIST SP 800-37
• C. NIST SP 800-30
• D. NIST SP 800-53

Correct answer: C

Explanation

NIST SP 800-30 is the publication that outlines the concept of impact in the context of risk assessments. The other options, while related to security and risk management, do not specifically focus on defining impact as SP 800-30 does.