ExamGecko
Login
Home / ISC / CISSP-ISSEP / List of questions
Ask Question

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 3

List of questions

Question 21

Report Export Collapse

DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability

MAC I
MAC I
MAC II
MAC II
MAC IV
MAC IV
MAC III
MAC III
Suggested answer: D
asked 18/09/2024
Marc Aurele ALLOTCHENOU
40 questions

Question 22

Report Export Collapse

What are the responsibilities of a system owner Each correct answer represents a complete solution. Choose all that apply.

Integrates security considerations into application and system purchasing decisions and development projects.
Integrates security considerations into application and system purchasing decisions and development projects.
Ensures that the necessary security controls are in place.
Ensures that the necessary security controls are in place.
Ensures that adequate security is being provided by the necessary controls, password management, remote access controls, operating system configurations, and so on.
Ensures that adequate security is being provided by the necessary controls, password management, remote access controls, operating system configurations, and so on.
Ensures that the systems are properly assessed for vulnerabilities and must report any to the incident response team and data owner.
Ensures that the systems are properly assessed for vulnerabilities and must report any to the incident response team and data owner.
Suggested answer: A, C, D
asked 18/09/2024
Szymon Strzep
45 questions

Question 23

Report Export Collapse

Which of the following Registration Tasks sets up the business or operational functional description and system identification

Registration Task 2
Registration Task 2
Registration Task 1
Registration Task 1
Registration Task 3
Registration Task 3
Registration Task 4
Registration Task 4
Suggested answer: B
asked 18/09/2024
Pedro Faro
38 questions

Question 24

Report Export Collapse

SIMULATION

Fill in the blank with an appropriate section name. _________________ is a section of the SEMP template, which specifies the methods and reasoning planned to build the requisite trade-offs between functionality, performance, cost, and risk.

System Analysis
System Analysis
Suggested answer: A
asked 18/09/2024
ftere yagoglu
49 questions

Question 25

Report Export Collapse

Which of the following federal agencies provides a forum for the discussion of policy issues, sets national policy, and promulgates direction, operational procedures, and guidance for the security of national security systems

National Security AgencyCentral Security Service (NSACSS)
National Security AgencyCentral Security Service (NSACSS)
National Institute of Standards and Technology (NIST)
National Institute of Standards and Technology (NIST)
United States Congress
United States Congress
Committee on National Security Systems (CNSS)
Committee on National Security Systems (CNSS)
Suggested answer: D
asked 18/09/2024
Miguel Seron Blasco
33 questions

Question 26

Report Export Collapse

Which of the following statements is true about residual risks

It can be considered as an indicator of threats coupled with vulnerability.
It can be considered as an indicator of threats coupled with vulnerability.
It is a weakness or lack of safeguard that can be exploited by a threat.
It is a weakness or lack of safeguard that can be exploited by a threat.
It is the probabilistic risk after implementing all security measures.
It is the probabilistic risk after implementing all security measures.
It is the probabilistic risk before implementing all security measures.
It is the probabilistic risk before implementing all security measures.
Suggested answer: C
asked 18/09/2024
Mathias Gontek
46 questions

Question 27

Report Export Collapse

According to U.S. Department of Defense (DoD) Instruction 8500.2, there are eight Information Assurance (IA) areas, and the controls are referred to as IA controls. Which of the following are among the eight areas of IA defined by DoD Each correct answer represents a complete solution. Choose all that apply.

DC Security Design & Configuration
DC Security Design & Configuration
EC Enclave and Computing Environment
EC Enclave and Computing Environment
VI Vulnerability and Incident Management
VI Vulnerability and Incident Management
Information systems acquisition, development, and maintenance
Information systems acquisition, development, and maintenance
Suggested answer: A, B, C
asked 18/09/2024
José Gonçalves
36 questions

Question 28

Report Export Collapse

Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation Each correct answer represents a complete solution. Choose two.

Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.
Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.
Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.
Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.
Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.
Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.
Certification is the official management decision given by a senior agency official to authorize operation of an information system.
Certification is the official management decision given by a senior agency official to authorize operation of an information system.
Suggested answer: B, C
asked 18/09/2024
Luca Arcuri
36 questions

Question 29

Report Export Collapse

Which of the following protocols is built in the Web server and browser to encrypt data traveling over the Internet

UDP
UDP
SSL
SSL
IPSec
IPSec
HTTP
HTTP
Suggested answer: B
asked 18/09/2024
Synathia Imafidon
49 questions

Question 30

Report Export Collapse

Which of the following configuration management system processes defines which items will be configuration managed, how they are to be identified, and how they are to be documented

Configuration verification and audit
Configuration verification and audit
Configuration control
Configuration control
Configuration status accounting
Configuration status accounting
Configuration identification
Configuration identification
Suggested answer: D
asked 18/09/2024
Vipul Ishan
44 questions
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice
DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability
Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the U.S. Federal Government information security standards Each correct answer represents a complete solution. Choose all that apply.
The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document Each correct answer represents a complete solution. Choose all that apply.
Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.