ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSEP

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 22

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities
Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system
Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels Each correct answer represents a complete solution. Choose all that apply.
You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task
Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy
Which of the following is the application of statistical methods to the monitoring and control of a process to ensure that it operates at its full potential to produce conforming product
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package
Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one

Question 211

Report
Export
Collapse

Which of the following are the major tasks of risk management Each correct answer represents a complete solution. Choose two.

A.
Risk identification
A.
Risk identification
Answers
B.
Building Risk free systems
B.
Building Risk free systems
Answers
C.
Assuring the integrity of organizational data
C.
Assuring the integrity of organizational data
Answers
D.
Risk control
D.
Risk control
Answers
Suggested answer: A, D

Question 212

Report
Export
Collapse

You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control

A.
Quantitative risk analysis
A.
Quantitative risk analysis
Answers
B.
Risk audits
B.
Risk audits
Answers
C.
Requested changes
C.
Requested changes
Answers
D.
Qualitative risk analysis
D.
Qualitative risk analysis
Answers
Suggested answer: C

Question 213

Report
Export
Collapse

Continuous Monitoring is the fourth phase of the security certification and accreditation process. What activities are performed in the Continuous Monitoring process Each correct answer represents a complete solution. Choose all that apply.

A.
Status reporting and documentation
A.
Status reporting and documentation
Answers
B.
Security control monitoring and impact analyses of changes to the information system
B.
Security control monitoring and impact analyses of changes to the information system
Answers
C.
Configuration management and control
C.
Configuration management and control
Answers
D.
Security accreditation documentation
D.
Security accreditation documentation
Answers
E.
Security accreditation decision
E.
Security accreditation decision
Answers
Suggested answer: A, B, C

Question 214

Report
Export
Collapse

Which of the following organizations incorporates building secure audio and video communications equipment, making tamper protection products, and providing trusted microelectronics solutions

A.
DTIC
A.
DTIC
Answers
B.
NSA IAD
B.
NSA IAD
Answers
C.
DIAP
C.
DIAP
Answers
D.
DARPA
D.
DARPA
Answers
Suggested answer: B

Explanation:


Total 214 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms