ExamGecko
Login
Home / ISC / CISSP-ISSEP / List of questions
Ask Question

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 10

Add to Whishlist

List of questions

Question 91

Report Export Collapse

Which of the following organizations is a USG initiative designed to meet the security testing, evaluation, and assessment needs of both information technology (IT) producers and consumers

Become a Premium Member for full access
  Unlock Premium Member

Question 92

Report Export Collapse

The risk transference is referred to the transfer of risks to a third party, usually for a fee, it creates a contractual-relationship for the third party to manage the risk on behalf of the performing organization. Which one of the following is NOT an example of the transference risk response

Become a Premium Member for full access
  Unlock Premium Member

Question 93

Report Export Collapse

You work as a security engineer for BlueWell Inc. According to you, which of the following DITSCAPNIACAP model phases occurs at the initiation of the project, or at the initial C&A effort of a legacy system

Become a Premium Member for full access
  Unlock Premium Member

Question 94

Report Export Collapse

SIMULATION Fill in the blank with an appropriate phrase. A ____________________ is defined as any activity that has an effect on defining, designing, building, or executing a task, requirement, or procedure.

Become a Premium Member for full access
  Unlock Premium Member

Question 95

Report Export Collapse

According to which of the following DoD policies, the implementation of DITSCAP is mandatory for all the systems that process both DoD classified and unclassified information?

Become a Premium Member for full access
  Unlock Premium Member

Question 96

Report Export Collapse

Which of the following federal laws are related to hacking activities Each correct answer represents a complete solution. Choose three.

Become a Premium Member for full access
  Unlock Premium Member

Question 97

Report Export Collapse

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support

Become a Premium Member for full access
  Unlock Premium Member

Question 98

Report Export Collapse

Which of the following are the most important tasks of the Information Management Plan (IMP) Each correct answer represents a complete solution. Choose all that apply.

Become a Premium Member for full access
  Unlock Premium Member

Question 99

Report Export Collapse

FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels shows limited adverse effects on organizational operations, organizational assets, or individuals

Become a Premium Member for full access
  Unlock Premium Member

Question 100

Report Export Collapse

The principle of the SEMP is not to repeat the information, but rather to ensure that there are processes in place to conduct those functions. Which of the following sections of the SEMP template describes the work authorization procedures as well as change management approval processes

Become a Premium Member for full access
  Unlock Premium Member
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice
DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability
Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the U.S. Federal Government information security standards Each correct answer represents a complete solution. Choose all that apply.
The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document Each correct answer represents a complete solution. Choose all that apply.
Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.