Which of the following federal laws establishes roles and responsibilities for information security, risk management, testing, and training, and authorizes NIST and NSA to provide guidance for security planning and implementation 

Answer options:

A. Computer Fraud and Abuse Act
B. Government Information Security Reform Act (GISRA)
C. Federal Information Security Management Act (FISMA)
D. Computer Security Act

B