ISC CAP Practice Test - Questions Answers, Page 22
List of questions
Related questions
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?
A high-profile, high-priority project within your organization is being created. Management wants you to pay special attention to the project risks and do all that you can to ensure that all of the risks are identified early in the project. Management has to ensure that this project succeeds. Management's risk aversion in this project is associated with what term?
Which of the following governance bodies directs and coordinates implementations of the information security program?
What are the subordinate tasks of the Implement and Validate Assigned IA Control phase in the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.
Which of the following DITSCAP C&A phases takes place between the signing of the initial version of the SSAA and the formal accreditation of the system?
Phase 0 of the Risk Management Framework (RMF) is known as strategic risk assessment planning. Which of the following processes take place in phase 0? Each correct answer represents a complete solution. Choose all that apply.
Which of the following fields of management focuses on establishing and maintaining consistency of a system's or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life?
Which of the following roles is used to ensure that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?
Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?
Information Security management is a process of defining the security controls in order to protect information assets. The first action of a management program to implement information security is to have a security program in place. What are the objectives of a security program? Each correct answer represents a complete solution. Choose all that apply.