ExamGecko
Login
Home / ISC / CISSP-ISSEP / List of questions
Ask Question

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 2

List of questions

Question 11

Report Export Collapse

Which of the following guidelines is recommended for engineering, protecting, managing, processing, and controlling national security and sensitive (although unclassified) information

Federal Information Processing Standard (FIPS)
Federal Information Processing Standard (FIPS)
Special Publication (SP)
Special Publication (SP)
NISTIRs (Internal Reports)
NISTIRs (Internal Reports)
DIACAP by the United States Department of Defense (DoD)
DIACAP by the United States Department of Defense (DoD)
Suggested answer: B
asked 18/09/2024
Edward Eric
42 questions

Question 12

Report Export Collapse

Which of the following Security Control Assessment Tasks gathers the documentation and supporting materials essential for the assessment of the security controls in the information system

Security Control Assessment Task 4
Security Control Assessment Task 4
Security Control Assessment Task 3
Security Control Assessment Task 3
Security Control Assessment Task 1
Security Control Assessment Task 1
Security Control Assessment Task 2
Security Control Assessment Task 2
Suggested answer: C
asked 18/09/2024
Mercedes Gonzalez Riera
49 questions

Question 13

Report Export Collapse

Which of the following professionals plays the role of a monitor and takes part in the organization's configuration management process

Chief Information Officer
Chief Information Officer
Authorizing Official
Authorizing Official
Common Control Provider
Common Control Provider
Senior Agency Information Security Officer
Senior Agency Information Security Officer
Suggested answer: C
asked 18/09/2024
ALBERTO BONATO
49 questions

Question 14

Report Export Collapse

Which of the following processes culminates in an agreement between key players that a system in its current configuration and operation provides adequate protection controls

Certification and accreditation (C&A)
Certification and accreditation (C&A)
Risk Management
Risk Management
Information systems security engineering (ISSE)
Information systems security engineering (ISSE)
Information Assurance (IA)
Information Assurance (IA)
Suggested answer: A
asked 18/09/2024
Ana Roque
40 questions

Question 15

Report Export Collapse

The Phase 4 of DITSCAP C&A is known as Post Accreditation. This phase starts after the system has been accredited in Phase 3. What are the process activities of this phase Each correct answer represents a complete solution. Choose all that apply.

Security operations
Security operations
Continue to review and refine the SSAA
Continue to review and refine the SSAA
Change management
Change management
Compliance validation
Compliance validation
System operations
System operations
Maintenance of the SSAA
Maintenance of the SSAA
Suggested answer: A, C, D, E, F
asked 18/09/2024
Jose Leonardo
31 questions

Question 16

Report Export Collapse

Which of the following email lists is written for the technical audiences, and provides weekly summaries of security issues, new vulnerabilities, potential impact, patches and workarounds, as well as the actions recommended to mitigate risk

Cyber Security Tip
Cyber Security Tip
Cyber Security Alert
Cyber Security Alert
Cyber Security Bulletin
Cyber Security Bulletin
Technical Cyber Security Alert
Technical Cyber Security Alert
Suggested answer: C
asked 18/09/2024
Edwin Daneel
35 questions

Question 17

Report Export Collapse

Which of the following tasks obtains the customer agreement in planning the technical effort

Task 9
Task 9
Task 11
Task 11
Task 8
Task 8
Task 10
Task 10
Suggested answer: B
asked 18/09/2024
Endre Horvath
38 questions

Question 18

Report Export Collapse

Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A) Each correct answer represents a complete solution. Choose all that apply.

NIST Special Publication 800-59
NIST Special Publication 800-59
NIST Special Publication 800-60
NIST Special Publication 800-60
NIST Special Publication 800-37A
NIST Special Publication 800-37A
NIST Special Publication 800-37
NIST Special Publication 800-37
NIST Special Publication 800-53
NIST Special Publication 800-53
NIST Special Publication 800-53A
NIST Special Publication 800-53A
Suggested answer: A, B, D, E, F
asked 18/09/2024
Ali Reza Farahnak
55 questions

Question 19

Report Export Collapse

Which of the following elements are described by the functional requirements task Each correct answer represents a complete solution. Choose all that apply.

Coverage
Coverage
Accuracy
Accuracy
Quality
Quality
Quantity
Quantity
Suggested answer: A, C, D
asked 18/09/2024
Opeyemi Oguntodu
43 questions

Question 20

Report Export Collapse

Which of the following documents is defined as a source document, which is most useful for the ISSE when classifying the needed security functionality

Information Protection Policy (IPP)
Information Protection Policy (IPP)
IMM
IMM
System Security Context
System Security Context
CONOPS
CONOPS
Suggested answer: A
asked 18/09/2024
Aurelie Touraille Colombo
33 questions
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice
DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability
Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the U.S. Federal Government information security standards Each correct answer represents a complete solution. Choose all that apply.
The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document Each correct answer represents a complete solution. Choose all that apply.
Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.