ExamGecko
Login
Home / ISC / CAP / List of questions
Ask Question

ISC CAP Practice Test - Questions Answers, Page 7

Add to Whishlist

List of questions

Question 61

Report Export Collapse

Which of the following processes is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state?

Procurement management
Procurement management
Change management
Change management
Risk management
Risk management
Configuration management
Configuration management
Suggested answer: B
asked 18/09/2024
Kathie Herod
42 questions

Question 62

Report Export Collapse

You are the project manager for your company and a new change request has been approved for your project. This change request, however, has introduced several new risks to the project. You have communicated these risk events and the project stakeholders understand the possible effects these risks could have on your project. You elect to create a mitigation response for the identified risk events. Where will you record the mitigation response?

Project management plan
Project management plan
Risk management plan
Risk management plan
Risk log
Risk log
Risk register
Risk register
Suggested answer: D
asked 18/09/2024
Carlos Roberto
58 questions

Question 63

Report Export Collapse

Which of the following RMF phases is known as risk analysis?

Phase 2
Phase 2
Phase 1
Phase 1
Phase 0
Phase 0
Phase 3
Phase 3
Suggested answer: A
asked 18/09/2024
Faizan Ahmed
45 questions

Question 64

Report Export Collapse

Jenny is the project manager of the NHJ Project for her company. She has identified several positive risk events within the project and she thinks these events can save the project time and money. You, a new team member wants to know that how many risk responses are available for a positive risk event. What will

Jenny reply to you?

Four
Four
Seven
Seven
Acceptance is the only risk response for positive risk events.
Acceptance is the only risk response for positive risk events.
Three
Three
Suggested answer: A
asked 18/09/2024
Edgar Zapico
46 questions

Question 65

Report Export Collapse

Wendy is about to perform qualitative risk analysis on the identified risks within her project. Which one of the following will NOT help Wendy to perform this project management activity?

Stakeholder register
Stakeholder register
Risk register
Risk register
Project scope statement
Project scope statement
Risk management plan
Risk management plan
Suggested answer: A
asked 18/09/2024
Daniel Adebayo
47 questions

Question 66

Report Export Collapse

Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?

The Supplier Manager
The Supplier Manager
The IT Service Continuity Manager
The IT Service Continuity Manager
The Service Catalogue Manager
The Service Catalogue Manager
The Configuration Manager
The Configuration Manager
Suggested answer: A
asked 18/09/2024
test fdf
53 questions

Question 67

Report Export Collapse

You are the project manager for the NHH project. You are working with your project team to examine the project from four different defined perspectives to increase the breadth of identified risks by including internally generated risks. What risk identification approach are you using in this example?

SWOT analysis
SWOT analysis
Root cause analysis
Root cause analysis
Assumptions analysis
Assumptions analysis
Influence diagramming techniques
Influence diagramming techniques
Suggested answer: A
asked 18/09/2024
Vincent Chung
44 questions

Question 68

Report Export Collapse

Which of the following are included in Physical Controls?

Each correct answer represents a complete solution. Choose all that apply.

Locking systems and removing unnecessary floppy or CD-ROM drives
Locking systems and removing unnecessary floppy or CD-ROM drives
Environmental controls
Environmental controls
Password and resource management
Password and resource management
Identification and authentication methods
Identification and authentication methods
Monitoring for intrusion
Monitoring for intrusion
Controlling individual access into the facility and different departments
Controlling individual access into the facility and different departments
Suggested answer: A, B, E, F
asked 18/09/2024
jaimie lloyd
48 questions

Question 69

Report Export Collapse

Which of the following NIST Special Publication documents provides a guideline on network security testing?

NIST SP 800-60
NIST SP 800-60
NIST SP 800-53A
NIST SP 800-53A
NIST SP 800-37
NIST SP 800-37
NIST SP 800-42
NIST SP 800-42
NIST SP 800-59
NIST SP 800-59
NIST SP 800-53
NIST SP 800-53
Suggested answer: D
asked 18/09/2024
Marc Casin Martinez
43 questions

Question 70

Report Export Collapse

Which one of the following is the only output for the qualitative risk analysis process?

Project management plan
Project management plan
Risk register updates
Risk register updates
Enterprise environmental factors
Enterprise environmental factors
Organizational process assets
Organizational process assets
Suggested answer: B
asked 18/09/2024
Stian Godoe
49 questions
Total 395 questions
Go to page: of 40
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

System Authorization is the risk management process. System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process. What are the different phases of System Authorization Plan? Each correct answer represents a part of the solution. Choose all that apply.
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?
DIACAP applies to the acquisition, operation, and sustainment of any DoD system that collects, stores, transmits, or processes unclassified or classified information since December 1997. What phases are identified by DIACAP? Each correct answer represents a complete solution. Choose all that apply.
The phase 3 of the Risk Management Framework (RMF) process is known as mitigation planning. Which of the following processes take place in phase 3? Each correct answer represents a complete solution. Choose all that apply.
Certification and Accreditation (C&A or CnA) is a process for implementing information security. Which of the following is the correct order of C&A phases in a DITSCAP assessment?
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?
According to FIPS Publication 199, what are the three levels of potential impact on organizations in the event of a compromise on confidentiality, integrity, and availability?
Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answer represents a part of the solution. Choose all that apply.
Which of the following individuals makes the final accreditation decision?