ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSEP

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 14

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities
Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system
Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations
Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy

Question 131

Report
Export
Collapse

Which of the following tasks describes the processes required to ensure that the project includes all the work required, and only the work required, to complete the project successfully

A.
Identify Roles and Responsibilities
A.
Identify Roles and Responsibilities
Answers
B.
Develop Project Schedule
B.
Develop Project Schedule
Answers
C.
Identify Resources and Availability
C.
Identify Resources and Availability
Answers
D.
Estimate project scope
D.
Estimate project scope
Answers
Suggested answer: D

Question 132

Report
Export
Collapse

System Authorization is the risk management process. System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization

Process. What are the different phases of System Authorization Plan Each correct answer represents a part of the solution. Choose all that apply.

A.
Certification
A.
Certification
Answers
B.
Authorization
B.
Authorization
Answers
C.
Post-certification
C.
Post-certification
Answers
D.
Post-Authorization
D.
Post-Authorization
Answers
E.
Pre-certification
E.
Pre-certification
Answers
Suggested answer: A, B, D, E

Question 133

Report
Export
Collapse

Which of the following CNSS policies describes the national policy on securing voice communications

A.
NSTISSP No. 6
A.
NSTISSP No. 6
Answers
B.
NSTISSP No. 7
B.
NSTISSP No. 7
Answers
C.
NSTISSP No. 101
C.
NSTISSP No. 101
Answers
D.
NSTISSP No. 200
D.
NSTISSP No. 200
Answers
Suggested answer: C

Question 134

Report
Export
Collapse

Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package

A.
Initiation
A.
Initiation
Answers
B.
Security Certification
B.
Security Certification
Answers
C.
Continuous Monitoring
C.
Continuous Monitoring
Answers
D.
Security Accreditation
D.
Security Accreditation
Answers
Suggested answer: D

Question 135

Report
Export
Collapse

Which of the following are the phases of the Certification and Accreditation (C&A) process Each correct answer represents a complete solution. Choose two.

A.
Auditing
A.
Auditing
Answers
B.
Initiation
B.
Initiation
Answers
C.
Continuous Monitoring
C.
Continuous Monitoring
Answers
D.
Detection
D.
Detection
Answers
Suggested answer: B, C

Question 136

Report
Export
Collapse

Which of the following DITSCAPNIACAP model phases is used to confirm that the evolving system development and integration complies with the agreements between role players documented in the first phase

A.
Verification
A.
Verification
Answers
B.
Validation
B.
Validation
Answers
C.
Post accreditation
C.
Post accreditation
Answers
D.
Definition
D.
Definition
Answers
Suggested answer: A

Question 137

Report
Export
Collapse

Which of the following are the ways of sending secure e-mail messages over the Internet Each correct answer represents a complete solution. Choose two.

A.
PGP
A.
PGP
Answers
B.
SMIME
B.
SMIME
Answers
C.
TLS
C.
TLS
Answers
D.
IPSec
D.
IPSec
Answers
Suggested answer: A, B

Question 138

Report
Export
Collapse

Which of the following memorandums directs the Departments and Agencies to post clear privacy policies on World Wide Web sites, and provides guidance for doing it

A.
OMB M-99-18
A.
OMB M-99-18
Answers
B.
OMB M-00-13
B.
OMB M-00-13
Answers
C.
OMB M-03-19
C.
OMB M-03-19
Answers
D.
OMB M-00-07
D.
OMB M-00-07
Answers
Suggested answer: A

Question 139

Report
Export
Collapse

Which of the following categories of system specification describes the technical, performance, operational, maintenance, and support characteristics for the entire system

A.
Process specification
A.
Process specification
Answers
B.
Product specification
B.
Product specification
Answers
C.
Development specification
C.
Development specification
Answers
D.
System specification
D.
System specification
Answers
Suggested answer: D

Question 140

Report
Export
Collapse

You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice

A.
PGP
A.
PGP
Answers
B.
SMIME
B.
SMIME
Answers
C.
DES
C.
DES
Answers
D.
Blowfish
D.
Blowfish
Answers
Suggested answer: B
Total 214 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms