ExamGecko
Login
Home / ISC / CISSP-ISSEP / List of questions
Ask Question

ISC CISSP-ISSEP Practice Test - Questions Answers, Page 8

List of questions

Question 71

Report Export Collapse

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems

SSAA
SSAA
FITSAF
FITSAF
FIPS
FIPS
TCSEC
TCSEC
Suggested answer: A
asked 18/09/2024
Bernardo Garcia
49 questions

Question 72

Report Export Collapse

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using

Risk acceptance
Risk acceptance
Risk mitigation
Risk mitigation
Risk avoidance
Risk avoidance
Risk transfer
Risk transfer
Suggested answer: D
asked 18/09/2024
Emmanuel ogoro
38 questions

Question 73

Report Export Collapse

Which of the following responsibilities are executed by the federal program manager

Ensure justification of expenditures and investment in systems engineering activities.
Ensure justification of expenditures and investment in systems engineering activities.
Coordinate activities to obtain funding.
Coordinate activities to obtain funding.
Review project deliverables.
Review project deliverables.
Review and approve project plans.
Review and approve project plans.
Suggested answer: A, B, D
asked 18/09/2024
Ksu doo Makek
53 questions

Question 74

Report Export Collapse

Which of the following approaches can be used to build a security program Each correct answer represents a complete solution. Choose all that apply.

Right-Up Approach
Right-Up Approach
Left-Up Approach
Left-Up Approach
Bottom-Up Approach
Bottom-Up Approach
Top-Down Approach
Top-Down Approach
Suggested answer: C, D
asked 18/09/2024
Matthew Sain
42 questions

Question 75

Report Export Collapse

SIMULATION

Fill in the blank with the appropriate phrase. __________ provides instructions and directions for completing the Systems Security Authorization Agreement (SSAA).

DoDI 5200.40
DoDI 5200.40
Suggested answer: A
asked 18/09/2024
Ajay Jaiswal
34 questions

Question 76

Report Export Collapse

Which of the following acts promote a risk-based policy for cost effective security Each correct answer represents a part of the solution. Choose all that apply.

Clinger-Cohen Act
Clinger-Cohen Act
Lanham Act
Lanham Act
Paperwork Reduction Act (PRA)
Paperwork Reduction Act (PRA)
Computer Misuse Act
Computer Misuse Act
Suggested answer: A, C
asked 18/09/2024
Melvin Bruijnaers
37 questions

Question 77

Report Export Collapse

Which of the following tasks prepares the technical management plan in planning the technical effort

Task 10
Task 10
Task 9
Task 9
Task 7
Task 7
Task 8
Task 8
Suggested answer: B
asked 18/09/2024
Jurriaan van Ingen
37 questions

Question 78

Report Export Collapse

Which of the following NIST Special Publication documents provides a guideline on network security testing

NIST SP 800-60
NIST SP 800-60
NIST SP 800-37
NIST SP 800-37
NIST SP 800-59
NIST SP 800-59
NIST SP 800-42
NIST SP 800-42
NIST SP 800-53A
NIST SP 800-53A
NIST SP 800-53
NIST SP 800-53
Suggested answer: D
asked 18/09/2024
Rajeev R Kumar
44 questions

Question 79

Report Export Collapse

Which of the following Registration Tasks sets up the system architecture description, and describes the C&A boundary

Registration Task 3
Registration Task 3
Registration Task 4
Registration Task 4
Registration Task 2
Registration Task 2
Registration Task 1
Registration Task 1
Suggested answer: B
asked 18/09/2024
Gilbert Ciepluch
60 questions

Question 80

Report Export Collapse

Stella works as a system engineer for BlueWell Inc. She wants to identify the performance thresholds of each build. Which of the following tests will help Stella to achieve her task

Regression test
Regression test
Reliability test
Reliability test
Functional test
Functional test
Performance test
Performance test
Suggested answer: D
asked 18/09/2024
Dereque Datson
47 questions
Total 214 questions
Go to page: of 22
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice
DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability
Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the U.S. Federal Government information security standards Each correct answer represents a complete solution. Choose all that apply.
The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS Each correct answer represents a complete solution. Choose all that apply.
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document Each correct answer represents a complete solution. Choose all that apply.
Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event
What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.