Home

Home / ISC / CISSP-ISSEP

Question list

List of questions

Question 1

(0)

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows tha

Question 2

(0)

Which of the following is a type of security management for computers and networks in order to identify security breaches

Question 3

(0)

Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter

Question 4

(0)

Which of the following federal laws is designed to protect computer data from theft

Question 5

(0)

Which of the following is used to indicate that the software has met a defined quality level and is ready for mass distribution either by electronic means or by physical media

Question 6

(0)

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are

Question 7

(0)

Which of the following professionals is responsible for starting the Certification & Accreditation (C&A) process

Question 8

(0)

Which of the following security controls is a set of layered security services that address communications and data security problems in the emerging Internet and intranet application space

Question 9

(0)

Which of the following protocols is used to establish a secure terminal to a remote network device

Question 10

(0)

Which of the following elements of Registration task 4 defines the system's external interfaces as well as the purpose of each external interface, and the relationship between the interface and the

Open VPLUS File

Convert VPLUS to PDF

Related questions

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support

You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task

Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package

Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities

Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system

Which of the following individuals are part of the senior management and are responsible for authorization of individual systems, approving enterprise solutions, establishing security policies, providing funds, and maintaining an understanding of risks at all levels Each correct answer represents a complete solution. Choose all that apply.

Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations

Which of the following areas of information system, as separated by Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy

Which of the following is the application of statistical methods to the monitoring and control of a process to ensure that it operates at its full potential to produce conforming product

Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event

Question 48 - CISSP-ISSEP discussion

Report

Which of the following persons in an organization is responsible for rejecting or accepting the residual risk for a system

A.

System Owner

B.

Information Systems Security Officer (ISSO)

C.

Designated Approving Authority (DAA)

D.

Chief Information Security Officer (CISO)

Show Answer

asked 18/09/2024

Andrea Trivisonno

31 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first