ISC CAP Practice Test - Questions Answers, Page 39

Which of the following RMF phases is known as risk analysis?

You work as a project manager for BlueWell Inc. There has been a delay in your project work that is adversely affecting the project schedule. You decided, with your stakeholders' approval, to fast track the project work to get the project done faster. When you fast track the project which of the following are likely to increase?

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

In 2003, NIST developed a new Certification & Accreditation (C&A) guideline known as FIPS 199.

What levels of potential impact are defined by FIPS 199?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following is NOT an objective of the security program?

Walter is the project manager of a large construction project. He'll be working with several vendors on the project. Vendors will be providing materials and labor for several parts of the project. Some of the works in the project are very dangerous so Walter has implemented safety requirements for all of the vendors and his own project team. Stakeholders for the project have added new requirements, which have caused new risks in the project. A vendor has identified a new risk that could affect the project if it comes into fruition. Walter agrees with the vendor and has updated the risk register and created potential risk responses to mitigate the risk. What should Walter also update in this scenario considering the risk event?

During which of the following processes, probability and impact matrix is prepared?

During qualitative risk analysis you want to define the risk urgency assessment. All of the following are indicators of risk priority except for which one?

Which of the following statements about Discretionary Access Control List (DACL) is true?