ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSEP

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 5

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities
Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system
Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels Each correct answer represents a complete solution. Choose all that apply.
You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task
Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy
Which of the following is the application of statistical methods to the monitoring and control of a process to ensure that it operates at its full potential to produce conforming product
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package
Which of the following protocols is used to establish a secure terminal to a remote network device

Question 41

Report
Export
Collapse

Which of the following agencies serves the DoD community as the largest central resource for DoD and government-funded scientific, technical, engineering, and business related information available today

A.
DISA
A.
DISA
Answers
B.
DIAP
B.
DIAP
Answers
C.
DTIC
C.
DTIC
Answers
D.
DARPA
D.
DARPA
Answers
Suggested answer: C

Question 42

Report
Export
Collapse

You work as a system engineer for BlueWell Inc. You want to verify that the build meets its data requirements, and correctly generates each expected display and report. Which of the following tests will help you to perform the above task

A.
Functional test
A.
Functional test
Answers
B.
Reliability test
B.
Reliability test
Answers
C.
Performance test
C.
Performance test
Answers
D.
Regression test
D.
Regression test
Answers
Suggested answer: A

Question 43

Report
Export
Collapse

You work as a system engineer for BlueWell Inc. Which of the following documents will help you to describe the detailed plans, procedures, and schedules to guide the transition process

A.
Configuration management plan
A.
Configuration management plan
Answers
B.
Transition plan
B.
Transition plan
Answers
C.
Systems engineering management plan (SEMP)
C.
Systems engineering management plan (SEMP)
Answers
D.
Acquisition plan
D.
Acquisition plan
Answers
Suggested answer: B

Question 44

Report
Export
Collapse

Which of the following policies describes the national policy on the secure electronic messaging service

A.
NSTISSP No. 11
A.
NSTISSP No. 11
Answers
B.
NSTISSP No. 7
B.
NSTISSP No. 7
Answers
C.
NSTISSP No. 6
C.
NSTISSP No. 6
Answers
D.
NSTISSP No. 101
D.
NSTISSP No. 101
Answers
Suggested answer: B

Question 45

Report
Export
Collapse

Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management

A.
Computer Misuse Act
A.
Computer Misuse Act
Answers
B.
Clinger-Cohen Act
B.
Clinger-Cohen Act
Answers
C.
ISG
C.
ISG
Answers
D.
Lanham Act
D.
Lanham Act
Answers
Suggested answer: C

Question 46

Report
Export
Collapse

Which of the following principles are defined by the IATF model Each correct answer represents a complete solution. Choose all that apply.

A.
The degree to which the security of the system, as it is defined, designed, and implemented, meets the security needs.
A.
The degree to which the security of the system, as it is defined, designed, and implemented, meets the security needs.
Answers
B.
The problem space is defined by the customer's mission or business needs.
B.
The problem space is defined by the customer's mission or business needs.
Answers
C.
The systems engineer and information systems security engineer define the solution space, which is driven by the problem space.
C.
The systems engineer and information systems security engineer define the solution space, which is driven by the problem space.
Answers
D.
Always keep the problem and solution spaces separate.
D.
Always keep the problem and solution spaces separate.
Answers
Suggested answer: B, C, D

Question 47

Report
Export
Collapse

Which of the following cooperative programs carried out by NIST conducts research to advance the nation's technology infrastructure

A.
Manufacturing Extension Partnership
A.
Manufacturing Extension Partnership
Answers
B.
NIST Laboratories
B.
NIST Laboratories
Answers
C.
Baldrige National Quality Program
C.
Baldrige National Quality Program
Answers
D.
Advanced Technology Program
D.
Advanced Technology Program
Answers
Suggested answer: B

Question 48

Report
Export
Collapse

Which of the following persons in an organization is responsible for rejecting or accepting the residual risk for a system

A.
System Owner
A.
System Owner
Answers
B.
Information Systems Security Officer (ISSO)
B.
Information Systems Security Officer (ISSO)
Answers
C.
Designated Approving Authority (DAA)
C.
Designated Approving Authority (DAA)
Answers
D.
Chief Information Security Officer (CISO)
D.
Chief Information Security Officer (CISO)
Answers
Suggested answer: C

Question 49

Report
Export
Collapse

Which of the following assessment methodologies defines a six-step technical security evaluation

A.
FITSAF
A.
FITSAF
Answers
B.
OCTAVE
B.
OCTAVE
Answers
C.
FIPS 102
C.
FIPS 102
Answers
D.
DITSCAP
D.
DITSCAP
Answers
Suggested answer: C

Question 50

Report
Export
Collapse

What are the subordinate tasks of the Implement and Validate Assigned IA Control phase in the DIACAP process Each correct answer represents a complete solution. Choose all that apply.

A.
Conduct activities related to the disposition of the system data and objects.
A.
Conduct activities related to the disposition of the system data and objects.
Answers
B.
Combine validation results in DIACAP scorecard.
B.
Combine validation results in DIACAP scorecard.
Answers
C.
Conduct validation activities.
C.
Conduct validation activities.
Answers
D.
Execute and update IA implementation plan.
D.
Execute and update IA implementation plan.
Answers
Suggested answer: B, C, D
Total 214 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms