ExamGecko
Login
Home / ISC / CISSP-ISSEP / List of questions
Ask Question

ISC CISSP-ISSEP Practice Test - Questions Answers

List of questions

Question 1

Report Export Collapse

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems.

Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed

Level 4
Level 4
Level 5
Level 5
Level 1
Level 1
Level 2
Level 2
Level 3
Level 3
Suggested answer: A
asked 18/09/2024
Guilherme Silva
27 questions

Question 2

Report Export Collapse

Which of the following is a type of security management for computers and networks in order to identify security breaches

IPS
IPS
IDS
IDS
ASA
ASA
EAP
EAP
Suggested answer: B
asked 18/09/2024
annalise ramdin
36 questions

Question 3

Report Export Collapse

Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter

Stateless packet filter firewall
Stateless packet filter firewall
PIX firewall
PIX firewall
Stateful packet filter firewall
Stateful packet filter firewall
Virtual firewall
Virtual firewall
Suggested answer: C
asked 18/09/2024
Joza Pakledinac
29 questions

Question 4

Report Export Collapse

Which of the following federal laws is designed to protect computer data from theft

Federal Information Security Management Act (FISMA)
Federal Information Security Management Act (FISMA)
Computer Fraud and Abuse Act (CFAA)
Computer Fraud and Abuse Act (CFAA)
Government Information Security Reform Act (GISRA)
Government Information Security Reform Act (GISRA)
Computer Security Act
Computer Security Act
Suggested answer: B
asked 18/09/2024
Vinayaka G D
39 questions

Question 5

Report Export Collapse

Which of the following is used to indicate that the software has met a defined quality level and is ready for mass distribution either by electronic means or by physical media

ATM
ATM
RTM
RTM
CRO
CRO
DAA
DAA
Suggested answer: B
asked 18/09/2024
Martin Schouten
41 questions

Question 6

Report Export Collapse

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one

Configuration Item Costing
Configuration Item Costing
Configuration Identification
Configuration Identification
Configuration Verification and Auditing
Configuration Verification and Auditing
Configuration Status Accounting
Configuration Status Accounting
Suggested answer: A
asked 18/09/2024
Sundarrajan Mugunthan
34 questions

Question 7

Report Export Collapse

Which of the following professionals is responsible for starting the Certification & Accreditation (C&A) process

Authorizing Official
Authorizing Official
Information system owner
Information system owner
Chief Information Officer (CIO)
Chief Information Officer (CIO)
Chief Risk Officer (CRO)
Chief Risk Officer (CRO)
Suggested answer: B
asked 18/09/2024
Jean Presume
30 questions

Question 8

Report Export Collapse

Which of the following security controls is a set of layered security services that address communications and data security problems in the emerging Internet and intranet application space

Internet Protocol Security (IPSec)
Internet Protocol Security (IPSec)
Common data security architecture (CDSA)
Common data security architecture (CDSA)
File encryptors
File encryptors
Application program interface (API)
Application program interface (API)
Suggested answer: B
asked 18/09/2024
luis gilberto correa betancur
44 questions

Question 9

Report Export Collapse

Which of the following protocols is used to establish a secure terminal to a remote network device

WEP
WEP
SMTP
SMTP
SSH
SSH
IPSec
IPSec
Suggested answer: C
asked 18/09/2024
Hakan Köroğlu
34 questions

Question 10

Report Export Collapse

Which of the following elements of Registration task 4 defines the system's external interfaces as well as the purpose of each external interface, and the relationship between the interface and the system

System firmware
System firmware
System software
System software
System interface
System interface
System hardware
System hardware
Suggested answer: C
asked 18/09/2024
Henock Asmerom
40 questions
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice
DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability
Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the U.S. Federal Government information security standards Each correct answer represents a complete solution. Choose all that apply.
The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document Each correct answer represents a complete solution. Choose all that apply.
Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.