Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Which U.S. federal government laws/regulations was first to require development of computer security plan?
Privacy Act
Computer Fraud and Abuse Act
Computer Security Act
Gramm-Leach-Bliley Act
After amending the CFAA in 1986 to cover a wider variety of computer systems, Congress turned its view inward and examined the current state of computer security in federal government systems. Members of Congress were not satisfied with what they saw and they enacted the Computer Security Act (CSA) of 1987 to mandate baseline security requirements for all federal agencies. In the introduction to the CSA, Congress specifi ed four main purposes of the act: ■ To give the National Institute of Standards and Technology (NIST) responsibility for developing standards and guidelines for federal computer systems. For this purpose, NIST draws on the technical advice and assistance (including work products) of the National Security Agency where appropriate. ■ To provide for the enactment of such standards and guidelines. ■ To require the establishment of security plans by all operators of federal computer systems that contain sensitive information. ■ To require mandatory periodic training for all people involved in management, use, or operation of federal computer systems that contain sensitive information.
**I think this question could be improved by making it clear that the Computer Security Act only requires this for government entities. It’s somewhat clear that it’s the only valid answer, but that distinction is arguably important.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.