ISC CAP Practice Test - Questions Answers, Page 7

You are the project manager for your company and a new change request has been approved for your project. This change request, however, has introduced several new risks to the project. You have communicated these risk events and the project stakeholders understand the possible effects these risks could have on your project. You elect to create a mitigation response for the identified risk events. Where will you record the mitigation response?

Which of the following RMF phases is known as risk analysis?

Jenny is the project manager of the NHJ Project for her company. She has identified several positive risk events within the project and she thinks these events can save the project time and money. You, a new team member wants to know that how many risk responses are available for a positive risk event. What will

Jenny reply to you?

Wendy is about to perform qualitative risk analysis on the identified risks within her project. Which one of the following will NOT help Wendy to perform this project management activity?

Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?

You are the project manager for the NHH project. You are working with your project team to examine the project from four different defined perspectives to increase the breadth of identified risks by including internally generated risks. What risk identification approach are you using in this example?

Which of the following are included in Physical Controls?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following NIST Special Publication documents provides a guideline on network security testing?

Which one of the following is the only output for the qualitative risk analysis process?