Certified Authorization Professional (CAP) — Question 24

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?

Answer options

• A. Level 2
• B. Level 5
• C. Level 4
• D. Level 1
• E. Level 3

Correct answer: E

Explanation

Level 3 in FITSAF indicates that procedures and controls have been effectively implemented for security assessment. Levels 1 and 2 represent earlier stages of maturity, while Levels 4 and 5 denote more advanced stages that include optimization and continual improvement, rather than just implementation.