CompTIA Cloud+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the CompTIA Cloud+ Test with our comprehensive material. Use interactive quizzes and detailed explanations to get ready for your certification exam!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which publication specifies the standards for cryptography modules as per NIST?

  1. PCI DSS

  2. FIPS 140-2

  3. ISO 27001

  4. FedRAMP

The correct answer is: FIPS 140-2

FIPS 140-2, which stands for the Federal Information Processing Standard 140-2, is the publication that outlines the standards for cryptographic modules as defined by the National Institute of Standards and Technology (NIST). This standard provides a framework designed to ensure that cryptographic modules meet specific security requirements, encompassing areas such as physical security, implementation and algorithm security, and key management. Organizations that develop cryptographic systems often refer to FIPS 140-2 to ensure compliance with federal regulations, especially in contexts involving sensitive or federal data. This standard is essential for government agencies and contractors that handle sensitive information, as it ensures that the cryptography used is robust and reliable. In contrast, other publications mentioned do not specify cryptographic module standards: PCI DSS focuses on payment card data security, ISO 27001 pertains to information security management systems, and FedRAMP is concerned with cloud service provider security assessments for federal systems. Each of these has a different focus and does not address cryptographic module standards in the same way as FIPS 140-2.

More Questions Like This