ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSEP

ISC CISSP-ISSEP Practice Test - Questions Answers

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities
Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system
Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels Each correct answer represents a complete solution. Choose all that apply.
Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations
Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy
Which of the following is the application of statistical methods to the monitoring and control of a process to ensure that it operates at its full potential to produce conforming product

Question 1

Report
Export
Collapse

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems.

Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed

A.
Level 4
A.
Level 4
Answers
B.
Level 5
B.
Level 5
Answers
C.
Level 1
C.
Level 1
Answers
D.
Level 2
D.
Level 2
Answers
E.
Level 3
E.
Level 3
Answers
Suggested answer: A

Question 2

Report
Export
Collapse

Which of the following is a type of security management for computers and networks in order to identify security breaches

A.
IPS
A.
IPS
Answers
B.
IDS
B.
IDS
Answers
C.
ASA
C.
ASA
Answers
D.
EAP
D.
EAP
Answers
Suggested answer: B

Question 3

Report
Export
Collapse

Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter

A.
Stateless packet filter firewall
A.
Stateless packet filter firewall
Answers
B.
PIX firewall
B.
PIX firewall
Answers
C.
Stateful packet filter firewall
C.
Stateful packet filter firewall
Answers
D.
Virtual firewall
D.
Virtual firewall
Answers
Suggested answer: C

Question 4

Report
Export
Collapse

Which of the following federal laws is designed to protect computer data from theft

A.
Federal Information Security Management Act (FISMA)
A.
Federal Information Security Management Act (FISMA)
Answers
B.
Computer Fraud and Abuse Act (CFAA)
B.
Computer Fraud and Abuse Act (CFAA)
Answers
C.
Government Information Security Reform Act (GISRA)
C.
Government Information Security Reform Act (GISRA)
Answers
D.
Computer Security Act
D.
Computer Security Act
Answers
Suggested answer: B

Question 5

Report
Export
Collapse

Which of the following is used to indicate that the software has met a defined quality level and is ready for mass distribution either by electronic means or by physical media

A.
ATM
A.
ATM
Answers
B.
RTM
B.
RTM
Answers
C.
CRO
C.
CRO
Answers
D.
DAA
D.
DAA
Answers
Suggested answer: B

Question 6

Report
Export
Collapse

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one

A.
Configuration Item Costing
A.
Configuration Item Costing
Answers
B.
Configuration Identification
B.
Configuration Identification
Answers
C.
Configuration Verification and Auditing
C.
Configuration Verification and Auditing
Answers
D.
Configuration Status Accounting
D.
Configuration Status Accounting
Answers
Suggested answer: A

Question 7

Report
Export
Collapse

Which of the following professionals is responsible for starting the Certification & Accreditation (C&A) process

A.
Authorizing Official
A.
Authorizing Official
Answers
B.
Information system owner
B.
Information system owner
Answers
C.
Chief Information Officer (CIO)
C.
Chief Information Officer (CIO)
Answers
D.
Chief Risk Officer (CRO)
D.
Chief Risk Officer (CRO)
Answers
Suggested answer: B

Question 8

Report
Export
Collapse

Which of the following security controls is a set of layered security services that address communications and data security problems in the emerging Internet and intranet application space

A.
Internet Protocol Security (IPSec)
A.
Internet Protocol Security (IPSec)
Answers
B.
Common data security architecture (CDSA)
B.
Common data security architecture (CDSA)
Answers
C.
File encryptors
C.
File encryptors
Answers
D.
Application program interface (API)
D.
Application program interface (API)
Answers
Suggested answer: B

Question 9

Report
Export
Collapse

Which of the following protocols is used to establish a secure terminal to a remote network device

A.
WEP
A.
WEP
Answers
B.
SMTP
B.
SMTP
Answers
C.
SSH
C.
SSH
Answers
D.
IPSec
D.
IPSec
Answers
Suggested answer: C

Question 10

Report
Export
Collapse

Which of the following elements of Registration task 4 defines the system's external interfaces as well as the purpose of each external interface, and the relationship between the interface and the system

A.
System firmware
A.
System firmware
Answers
B.
System software
B.
System software
Answers
C.
System interface
C.
System interface
Answers
D.
System hardware
D.
System hardware
Answers
Suggested answer: C
Total 214 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms