ExamGecko

ISC CAP Practice Test - Questions Answers, Page 20

Question 191


Which of the following individuals is responsible for monitoring the information system environment for factors that can negatively impact the security of the system and its accreditation?

A. Chief Risk Officer
B. Chief Information Security Officer
C. Information System Owner
D. Chief Information Officer
Suggested answer: C
asked 18/09/2024
owais mansoor

Question 192


Walter is the project manager of a large construction project. He'll be working with several vendors on the project. Vendors will be providing materials and labor for several parts of the project. Some of the work in the project is very dangerous, so Walter has implemented safety requirements for all of the vendors and his own project team. Stakeholders for the project have added new requirements, which have caused new risks in the project. A vendor has identified a new risk that could affect the project if it comes to fruition. Walter agrees with the vendor and has updated the risk register and created potential risk responses to mitigate the risk. What should Walter also update in this scenario considering the risk event?

A. Project management plan
B. Project contractual relationship with the vendor
C. Project communications plan
D. Project scope statement
Suggested answer: A
asked 18/09/2024
Mathijs Sijm

Question 193


Which of the following is a temporary approval to operate based on an assessment of the implementation status of the assigned IA Controls?

A. IATT
B. ATO
C. IATO
D. DATO
Suggested answer: C
asked 18/09/2024
Daniela Const

Question 194


SIMULATION

Fill in the blank with an appropriate word.

________ ensures that the information is not disclosed to unauthorized persons or processes.

A. Confidentiality
Suggested answer: A
asked 18/09/2024
Bobby Pick

Question 195


Nancy is the project manager of the NHH project. She and the project team have identified a significant risk in the project during the qualitative risk analysis process. Bob is familiar with the technology that the risk is affecting and proposes to Nancy a solution to the risk event. Nancy tells Bob that she has noted his response, but the risk really needs to pass through the quantitative risk analysis process before creating responses. Bob disagrees and assures Nancy that his response is most appropriate for the identified risk. Who is correct in this scenario?

A. Bob is correct. Bob is familiar with the technology and the risk event so his response should be implemented.
B. Nancy is correct. Because Nancy is the project manager she can determine the correct procedures for risk analysis and risk responses. In addition, she has noted the risk response that Bob recommends.
C. Nancy is correct. All risks of significant probability and impact should pass the quantitative risk analysis process before risk responses are created.
D. Bob is correct. Not all risk events have to pass the quantitative risk analysis process to develop effective risk responses.
Suggested answer: D
asked 18/09/2024
Oky ramadhani

Question 196


Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?

A. FITSAF
B. TCSEC
C. FIPS
D. SSAA
Suggested answer: B
asked 18/09/2024
Alemu, Fissha

Question 197


Phase 4 of DITSCAP C&A is known as Post Accreditation. This phase starts after the system has been accredited in Phase 3. What are the process activities of this phase?

Each correct answer represents a complete solution. Choose all that apply.

A. Maintenance of the SSAA
B. Compliance validation
C. Change management
D. System operations
E. Security operations
F. Continue to review and refine the SSAA
Suggested answer: A, B, C, D, E
asked 18/09/2024
TAMPO DARKOI

Question 198


The only output of the Perform Qualitative Risk Analysis process is risk register updates. When the project manager updates the risk register, he will need to include several pieces of information, including all of the following except which one?

A. Trends in qualitative risk analysis
B. Risk probability-impact matrix
C. Watchlist of low-priority risks
D. Risks grouped by categories
Suggested answer: B
asked 18/09/2024
Ranjan Gupta

Question 199


Billy is the project manager of the HAR Project and is in month six of the project. The project is scheduled to last for 18 months. Management asks Billy how often the project team is participating in risk reassessment in this project. What should Billy tell management if he's following the best practices for risk management?

A. At every status meeting of the project team, project risk management is an agenda item.
B. Project risk management happens at every milestone.
C. Project risk management has been concluded with the project planning.
D. Project risk management is scheduled for every month in the 18-month project.
Suggested answer: A
asked 18/09/2024
Lester Ballesteros

Question 200


Rob is the project manager of the IDLK Project for his company. This project has a budget of $5,600,000 and is expected to last 18 months. Rob has learned that a new law may affect how the project is allowed to proceed - even though the organization has already invested over $750,000 in the project. What risk response is the most appropriate for this instance?

A. Transference
B. Mitigation
C. Enhance
D. Acceptance
Suggested answer: D
asked 18/09/2024
Mario Herrera González
Total 395 questions