ISC CAP Practice Test - Questions Answers, Page 22

Question 211


FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems.

Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?

A. Level 1
B. Level 2
C. Level 4
D. Level 5
E. Level 3

Suggested answer: C
asked 18/09/2024 by Tiago Martins

Question 212


A high-profile, high-priority project within your organization is being created. Management wants you to pay special attention to the project risks and do all that you can to ensure that all of the risks are identified early in the project. Management has to ensure that this project succeeds. Management's risk aversion in this project is associated with what term?

A. Utility function
B. Risk conscience
C. Quantitative risk analysis
D. Risk mitigation

Suggested answer: A
asked 18/09/2024 by Ludovic HEZON

Question 213


Which of the following governance bodies directs and coordinates implementations of the information security program?

A. Information Security Steering Committee
B. Senior Management
C. Business Unit Manager
D. Chief Information Security Officer

Suggested answer: D
asked 18/09/2024 by Brian Foy

Question 214


What are the subordinate tasks of the Implement and Validate Assigned IA Controls phase in the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.

A. Conduct activities related to the disposition of the system data and objects.
B. Execute and update IA implementation plan.
C. Conduct validation activities.
D. Combine validation results in DIACAP scorecard.

Suggested answer: B, C, D
asked 18/09/2024 by Oliver Buss

Question 215


Which of the following DITSCAP C&A phases takes place between the signing of the initial version of the SSAA and the formal accreditation of the system?

A. Phase 3
B. Phase 1
C. Phase 2
D. Phase 4

Suggested answer: C
asked 18/09/2024 by Daria Frutskaya

Question 216


Phase 0 of the Risk Management Framework (RMF) is known as strategic risk assessment planning. Which of the following processes take place in phase 0?

Each correct answer represents a complete solution. Choose all that apply.

A. Review documentation and technical data.
B. Apply classification criteria to rank data assets and related IT resources.
C. Establish criteria that will be used to classify and rank data assets.
D. Identify threats, vulnerabilities, and controls that will be evaluated.
E. Establish criteria that will be used to evaluate threats, vulnerabilities, and controls.

Suggested answer: B, C, D, E
asked 18/09/2024 by Baran Kilic

Question 217


Which of the following fields of management focuses on establishing and maintaining consistency of a system's or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life?

A. Configuration management
B. Procurement management
C. Risk management
D. Change management

Suggested answer: A
asked 18/09/2024 by So young Jang

Question 218


Which of the following roles is used to ensure that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?

A. The Change Manager
B. The IT Security Manager
C. The Service Level Manager
D. The Configuration Manager

Suggested answer: B
asked 18/09/2024 by Jose Walter

Question 219


Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

A. Safeguard
B. Single Loss Expectancy (SLE)
C. Exposure Factor (EF)
D. Annualized Rate of Occurrence (ARO)

Suggested answer: D
asked 18/09/2024 by Pichai Chaipoon

Question 220


Information security management is the process of defining the security controls that protect information assets. The first action of a management program to implement information security is to have a security program in place. What are the objectives of a security program? Each correct answer represents a complete solution. Choose all that apply.

A. Security organization
B. System classification
C. Information classification
D. Security education

Suggested answer: A, C, D
asked 18/09/2024 by Aurelie Touraille Colombo