ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSEP

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 13

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities
Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system
Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations
Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy

Question 121

Report
Export
Collapse

Which of the following is a temporary approval to operate based on an assessment of the implementation status of the assigned IA Controls

A.
IATO
A.
IATO
Answers
B.
DATO
B.
DATO
Answers
C.
ATO
C.
ATO
Answers
D.
IATT
D.
IATT
Answers
Suggested answer: A

Question 122

Report
Export
Collapse

Which of the following phases of the ISSE model is used to determine why the system needs to be built and what information needs to be protected

A.
Develop detailed security design
A.
Develop detailed security design
Answers
B.
Define system security requirements
B.
Define system security requirements
Answers
C.
Discover information protection needs
C.
Discover information protection needs
Answers
D.
Define system security architecture
D.
Define system security architecture
Answers
Suggested answer: C

Question 123

Report
Export
Collapse

Which of the following Net-Centric Data Strategy goals are required to increase enterprise and community data over private user and system data Each correct answer represents a complete solution. Choose all that apply.

A.
Understandability
A.
Understandability
Answers
B.
Visibility
B.
Visibility
Answers
C.
Interoperability
C.
Interoperability
Answers
D.
Accessibility
D.
Accessibility
Answers
Suggested answer: B, D

Question 124

Report
Export
Collapse

Which of the following acts assigns the Chief Information Officers (CIO) with the responsibility to develop Information Technology Architectures (ITAs) and is also referred to as the Information Technology Management Reform Act (ITMRA)

A.
Paperwork Reduction Act
A.
Paperwork Reduction Act
Answers
B.
Computer Misuse Act
B.
Computer Misuse Act
Answers
C.
Lanham Act
C.
Lanham Act
Answers
D.
Clinger Cohen Act
D.
Clinger Cohen Act
Answers
Suggested answer: D

Question 125

Report
Export
Collapse

Which of the following types of CNSS issuances describes how to implement the policy or prescribes the manner of a policy

A.
Advisory memoranda
A.
Advisory memoranda
Answers
B.
Instructions
B.
Instructions
Answers
C.
Policies
C.
Policies
Answers
D.
Directives
D.
Directives
Answers
Suggested answer: B

Question 126

Report
Export
Collapse

The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS Each correct answer represents a complete solution. Choose all that apply.

A.
Strategies, tactics, policies, and constraints affecting the system
A.
Strategies, tactics, policies, and constraints affecting the system
Answers
B.
Organizations, activities, and interactions among participants and stakeholders
B.
Organizations, activities, and interactions among participants and stakeholders
Answers
C.
Statement of the structure of the system
C.
Statement of the structure of the system
Answers
D.
Clear statement of responsibilities and authorities delegated
D.
Clear statement of responsibilities and authorities delegated
Answers
E.
Statement of the goals and objectives of the system
E.
Statement of the goals and objectives of the system
Answers
Suggested answer: A, B, D, E

Question 127

Report
Export
Collapse

Which of the following processes describes the elements such as quantity, quality, coverage, timelines, and availability, and categorizes the different functions that the system will need to perform in order to gather the documented missionbusiness needs

A.
Functional requirements
A.
Functional requirements
Answers
B.
Operational scenarios
B.
Operational scenarios
Answers
C.
Human factors
C.
Human factors
Answers
D.
Performance requirements
D.
Performance requirements
Answers
Suggested answer: A

Question 128

Report
Export
Collapse

Which of the following DoD policies establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels

A.
DoD 8500.1 Information Assurance (IA)
A.
DoD 8500.1 Information Assurance (IA)
Answers
B.
DoD 8500.2 Information Assurance Implementation
B.
DoD 8500.2 Information Assurance Implementation
Answers
C.
DoDI 5200.40
C.
DoDI 5200.40
Answers
D.
DoD 8510.1-M DITSCAP
D.
DoD 8510.1-M DITSCAP
Answers
Suggested answer: B

Question 129

Report
Export
Collapse

SIMULATION

Fill in the blank with an appropriate phrase. _________________ is used to verify and accredit systems by making a standard process, set of activities, general tasks, and management structure.

A.
DITSCAPNIACAP
A.
DITSCAPNIACAP
Answers
Suggested answer: A

Question 130

Report
Export
Collapse

SIMULATION

Fill in the blank with an appropriate phrase. The ______________ process is used for allocating performance and designing the requirements to each function.

A.
functional allocation
A.
functional allocation
Answers
Suggested answer: A
Total 214 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms