ExamGecko

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 21

Which of the following DoD policies establishes policies and assigns responsibilities to achieve DoD IA through a defense-in-depth approach that integrates the capabilities of personnel, operations, and technology, and supports the evolution to network-centric warfare?

A. DoD 8500.2 Information Assurance Implementation
B. DoD 8510.1-M DITSCAP
C. DoDI 5200.40
D. DoD 8500.1 Information Assurance (IA)
Suggested answer: D

Which of the following are the functional analysis and allocation tools? Each correct answer represents a complete solution. Choose all that apply.

A. Functional flow block diagram (FFBD)
B. Activity diagram
C. Timeline analysis diagram
D. Functional hierarchy diagram
Suggested answer: A, C, D

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted as a Federal Information Processing Standard?

A. Type III (E) cryptography
B. Type III cryptography
C. Type I cryptography
D. Type II cryptography
Suggested answer: B

Which of the following are the benefits of SE as stated by MIL-STD-499B? Each correct answer represents a complete solution. Choose all that apply.

A. It develops work breakdown structures and statements of work.
B. It establishes and maintains configuration management of the system.
C. It develops needed user training equipment, procedures, and data.
D. It provides high-quality products and services, with the correct people and performance features, at an affordable price, and on time.
Suggested answer: A, B, C

Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answer represents a part of the solution. Choose all that apply.

A. Office of Management and Budget (OMB)
B. NIST
C. FISMA
D. FIPS
Suggested answer: C

John works as a security engineer for BlueWell Inc. He wants to identify the different functions that the system will need to perform to meet the documented mission/business needs. Which of the following processes will John use to achieve the task?

A. Modes of operation
B. Performance requirement
C. Functional requirement
D. Technical performance measures
Suggested answer: C

Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system?

A. Data security requirement
B. Network connection rule
C. Applicable instruction or directive
D. Security concept of operation
Suggested answer: A

Which of the following security controls will you use for the deployment phase of the SDLC to build secure software? Each correct answer represents a complete solution. Choose all that apply.

A. Risk Adjustments
B. Security Certification and Accreditation (C&A)
C. Vulnerability Assessment and Penetration Testing
D. Change and Configuration Control
Suggested answer: A, B, C

Which of the following types of CNSS issuances establishes criteria and assigns responsibilities?

A. Advisory memoranda
B. Directives
C. Instructions
D. Policies
Suggested answer: D

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting classified information?

A. Type III cryptography
B. Type III (E) cryptography
C. Type II cryptography
D. Type I cryptography
Suggested answer: D
Total 214 questions