ExamGecko
Login
Home / ISC / CISSP-ISSEP / List of questions
Ask Question

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 12

List of questions

Question 111

Report Export Collapse

Certification and Accreditation (C&A or CnA) is a process for implementing information security. Which of the following is the correct order of C&A phases in a

DITSCAP assessment

Definition, Validation, Verification, and Post Accreditation
Definition, Validation, Verification, and Post Accreditation
Verification, Definition, Validation, and Post Accreditation
Verification, Definition, Validation, and Post Accreditation
Verification, Validation, Definition, and Post Accreditation
Verification, Validation, Definition, and Post Accreditation
Definition, Verification, Validation, and Post Accreditation
Definition, Verification, Validation, and Post Accreditation
Suggested answer: D
asked 18/09/2024
Faizan Ahmed
45 questions

Question 112

Report Export Collapse

Which of the following federal agencies has the objective to develop and promote measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life

National Institute of Standards and Technology (NIST)
National Institute of Standards and Technology (NIST)
National Security Agency (NSA)
National Security Agency (NSA)
Committee on National Security Systems (CNSS)
Committee on National Security Systems (CNSS)
United States Congress
United States Congress
Suggested answer: A
asked 18/09/2024
Adrian Kustosz
40 questions

Question 113

Report Export Collapse

SIMULATION

Fill in the blank with an appropriate phrase. The ____________ helps the customer understand and document the information management needs that support the business or mission.

systems engineer
systems engineer
Suggested answer:
asked 18/09/2024
Parita Malbari
57 questions

Question 114

Report Export Collapse

Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the international information security standards Each correct answer represents a complete solution.

Choose all that apply.

Organization of information security
Organization of information security
Human resources security
Human resources security
Risk assessment and treatment
Risk assessment and treatment
AU audit and accountability
AU audit and accountability
Suggested answer: A, B, C
asked 18/09/2024
Dinu Jose Varghese
41 questions

Question 115

Report Export Collapse

Which of the following certification levels requires the completion of the minimum security checklist, and the system user or an independent certifier can complete the checklist

CL 2
CL 2
CL 3
CL 3
CL 1
CL 1
CL 4
CL 4
Suggested answer: C
asked 18/09/2024
Alessio Marsicovetere
20 questions

Question 116

Report Export Collapse

Which of the following cooperative programs carried out by NIST provides a nationwide network of local centers offering technical and business assistance to small manufacturers

NIST Laboratories
NIST Laboratories
Advanced Technology Program
Advanced Technology Program
Manufacturing Extension Partnership
Manufacturing Extension Partnership
Baldrige National Quality Program
Baldrige National Quality Program
Suggested answer: C
asked 18/09/2024
maddalena barbaro
37 questions

Question 117

Report Export Collapse

Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense

DoD 5200.22-M
DoD 5200.22-M
DoD 8910.1
DoD 8910.1
DoD 5200.40
DoD 5200.40
DoD 8000.1
DoD 8000.1
Suggested answer: C
asked 18/09/2024
Ahmed Dawoud
48 questions

Question 118

Report Export Collapse

You work as a security engineer for BlueWell Inc. According to you, which of the following statements determines the main focus of the ISSE process

Design information systems that will meet the certification and accreditation documentation.
Design information systems that will meet the certification and accreditation documentation.
Identify the information protection needs.
Identify the information protection needs.
Ensure information systems are designed and developed with functional relevance.
Ensure information systems are designed and developed with functional relevance.
Instruct systems engineers on availability, integrity, and confidentiality.
Instruct systems engineers on availability, integrity, and confidentiality.
Suggested answer: B
asked 18/09/2024
MIGUEL FERNANDEZ
46 questions

Question 119

Report Export Collapse

Which of the following is NOT an objective of the security program

Security education
Security education
Information classification
Information classification
Security organization
Security organization
Security plan
Security plan
Suggested answer: D
asked 18/09/2024
Hemanth Gangabattula
40 questions

Question 120

Report Export Collapse

The Chief Information Officer (CIO), or Information Technology (IT) director, is a job title commonly given to the most senior executive in an enterprise. What are the responsibilities of a Chief Information Officer Each correct answer represents a complete solution. Choose all that apply.

Proposing the information technology needed by an enterprise to achieve its goals and then working within a budget to implement the plan
Proposing the information technology needed by an enterprise to achieve its goals and then working within a budget to implement the plan
Preserving high-level communications and working group relationships in an organization
Preserving high-level communications and working group relationships in an organization
Establishing effective continuous monitoring program for the organization
Establishing effective continuous monitoring program for the organization
Facilitating the sharing of security risk-related information among authorizing officials
Facilitating the sharing of security risk-related information among authorizing officials
Suggested answer: A, B, C
asked 18/09/2024
Tracy Sampson
40 questions
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice
DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability
Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the U.S. Federal Government information security standards Each correct answer represents a complete solution. Choose all that apply.
The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document Each correct answer represents a complete solution. Choose all that apply.
Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.