ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization is migrating a business-critical web application to AWS. Executives want a repeatable process that starts with organizational and system-level preparation, then categorizes the workload, selects, implements, assesses, authorizes, and continuously monitors security controls to meet U.S. federal requirements and supply ongoing vulnerability-management metrics. Which security framework most directly fulfills these requirements?
ISO 31000 enterprise risk-management standard
NIST Risk Management Framework (SP 800-37)
MITRE ATT&CK knowledge base
OWASP Application Security Verification Standard (ASVS)
The requested lifecycle aligns with the seven steps of the NIST Risk Management Framework (RMF) defined in NIST Special Publication 800-37 Revision 2: Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor. RMF is mandated for U.S. federal information systems and produces key outputs such as the system security plan, security assessment report, and continuous-monitoring data, all of which support vulnerability-management activities.
ISO 31000 offers high-level risk-management principles but does not prescribe control selection or monitoring. MITRE ATT&CK is a threat knowledge base, not a full risk-management methodology. OWASP ASVS focuses on application-security requirements and testing rather than an end-to-end risk-management and authorization process.
ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis