ExamGecko
Search Search Login
Home Home / ISC / CISSP-ISSEP

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 6

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task
Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities
Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system
Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels Each correct answer represents a complete solution. Choose all that apply.
Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations
Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy
Which of the following is the application of statistical methods to the monitoring and control of a process to ensure that it operates at its full potential to produce conforming product
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event

Question 51

Report
Export
Collapse

Which of the following memorandums reminds the Federal agencies that it is required by law and policy to establish clear privacy policies for Web activities and to comply with those policies

A.
OMB M-01-08
A.
OMB M-01-08
Answers
B.
OMB M-03-19
B.
OMB M-03-19
Answers
C.
OMB M-00-07
C.
OMB M-00-07
Answers
D.
OMB M-00-13
D.
OMB M-00-13
Answers
Suggested answer: D

Question 52

Report
Export
Collapse

Lisa is the project manager of the SQL project for her company. She has completed the risk response planning with her project team and is now ready to update the risk register to reflect the risk response. Which of the following statements best describes the level of detail Lisa should include with the risk responses she has created

A.
The level of detail must define exactly the risk response for each identified risk.
A.
The level of detail must define exactly the risk response for each identified risk.
Answers
B.
The level of detail is set of project risk governance.
B.
The level of detail is set of project risk governance.
Answers
C.
The level of detail is set by historical information.
C.
The level of detail is set by historical information.
Answers
D.
The level of detail should correspond with the priority ranking.
D.
The level of detail should correspond with the priority ranking.
Answers
Suggested answer: D

Question 53

Report
Export
Collapse

You work as a security manager for BlueWell Inc. You are going through the NIST SP 800-37 C&A methodology, which is based on four well defined phases. In which of the following phases of NIST SP 800-37 C&A methodology does the security categorization occur

A.
Continuous Monitoring
A.
Continuous Monitoring
Answers
B.
Initiation
B.
Initiation
Answers
C.
Security Certification
C.
Security Certification
Answers
D.
Security Accreditation
D.
Security Accreditation
Answers
Suggested answer: B

Question 54

Report
Export
Collapse

You work as a systems engineer for BlueWell Inc. You are working on translating system requirements into detailed function criteria. Which of the following diagrams will help you to show all of the function requirements and their groupings in one diagram

A.
Activity diagram
A.
Activity diagram
Answers
B.
Functional flow block diagram (FFBD)
B.
Functional flow block diagram (FFBD)
Answers
C.
Functional hierarchy diagram
C.
Functional hierarchy diagram
Answers
D.
Timeline analysis diagram
D.
Timeline analysis diagram
Answers
Suggested answer: C

Question 55

Report
Export
Collapse

Which of the following phases of DITSCAP includes the activities that are necessary for the continuing operation of an accredited IT system in its computing environment and for addressing the changing threats that a system faces throughout its life cycle

A.
Phase 1, Definition
A.
Phase 1, Definition
Answers
B.
Phase 3, Validation
B.
Phase 3, Validation
Answers
C.
Phase 4, Post Accreditation Phase
C.
Phase 4, Post Accreditation Phase
Answers
D.
Phase 2, Verification
D.
Phase 2, Verification
Answers
Suggested answer: C

Question 56

Report
Export
Collapse

Which of the following Security Control Assessment Tasks evaluates the operational, technical, and the management security controls of the information system using the techniques and measures selected or developed

A.
Security Control Assessment Task 3
A.
Security Control Assessment Task 3
Answers
B.
Security Control Assessment Task 1
B.
Security Control Assessment Task 1
Answers
C.
Security Control Assessment Task 4
C.
Security Control Assessment Task 4
Answers
D.
Security Control Assessment Task 2
D.
Security Control Assessment Task 2
Answers
Suggested answer: A

Question 57

Report
Export
Collapse

The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation.

What are the process activities of this phase Each correct answer represents a complete solution. Choose all that apply.

A.
Assessment of the Analysis Results
A.
Assessment of the Analysis Results
Answers
B.
Certification analysis
B.
Certification analysis
Answers
C.
Registration
C.
Registration
Answers
D.
System development
D.
System development
Answers
E.
Configuring refinement of the SSAA
E.
Configuring refinement of the SSAA
Answers
Suggested answer: A, B, D, E

Question 58

Report
Export
Collapse

You work as a Network Administrator for PassGuide Inc. You need to secure web services of your company in order to have secure transactions. Which of the following will you recommend for providing security

A.
HTTP
A.
HTTP
Answers
B.
VPN
B.
VPN
Answers
C.
SMIME
C.
SMIME
Answers
D.
SSL
D.
SSL
Answers
Suggested answer: D

Question 59

Report
Export
Collapse

Which of the following processes illustrate the study of a technical nature of interest to focused audience, and consist of interim or final reports on work made by

NIST for external sponsors, including government and non-government sponsors

A.
Federal Information Processing Standards (FIPS)
A.
Federal Information Processing Standards (FIPS)
Answers
B.
Special Publication (SP)
B.
Special Publication (SP)
Answers
C.
NISTIRs (Internal Reports)
C.
NISTIRs (Internal Reports)
Answers
D.
DIACAP
D.
DIACAP
Answers
Suggested answer: C

Question 60

Report
Export
Collapse

SIMULATION Fill in the blank with an appropriate phrase. __________ seeks to improve the quality of process outputs by identifying and removing the causes of defects and variability in manufacturing and business processes.

A.
Six Sigma
A.
Six Sigma
Answers
Suggested answer: A
Total 214 questions
Go to page: of 22
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms