ISC CISSP-ISSEP Actual Free Exam Questions & Community Discussion
Which of the following are the subtasks of the Define Life-Cycle Process Concepts task? Each correct answer represents a complete solution. Choose all that apply.
Correct Answer: A,B,C
Which of the following is NOT used in the practice of Information Assurance (IA) to define assurance requirements?
Correct Answer: C
Fill in the blank with the appropriate phrase.
The ____________ is the risk that remains after the implementation of new or enhanced controls.
Correct Answer: A
What NIACAP certification levels are recommended by the certifier? Each correct answer represents a complete solution. Choose all that apply.
Correct Answer: C,D,E,F
Your project has several risks that may cause serious financial impact should they happen.
You have studied the risk events and made some potential risk responses for the risk events, but management wants you to do more. They'd like you to create some type of chart that identifies the risk probability and impact with a financial amount for each risk event.
What is the likely outcome of creating this type of chart?
Correct Answer: D
Certification and Accreditation (C&A or CnA) is a process for implementing information security.
Which of the following is the correct order of C&A phases in a DITSCAP assessment?
Correct Answer: C
Fill in the blank with an appropriate section name. _________________ is a section of the SEMP template, which specifies the methods and reasoning planned to build the requisite trade-offs between functionality, performance, cost, and risk.
Correct Answer: A
Which of the following documents is described in the statement below? "It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning."
Correct Answer: B
Which of the following sections of the SEMP template defines the project constraints, to include constraints on funding, personnel, facilities, manufacturing capability and capacity, critical resources, and other constraints?
Correct Answer: A
Which of the following are the ways of sending secure e-mail messages over the Internet? Each correct answer represents a complete solution. Choose two.
Correct Answer: B,C
Which of the following acts assigns the Chief Information Officers (CIO) with the responsibility to develop Information Technology Architectures (ITAs) and is also referred to as the Information Technology Management Reform Act (ITMRA)?
Correct Answer: B
Which of the following is a 1996 United States federal law, designed to improve the way the federal government acquires, uses, and disposes of information technology?
Correct Answer: B
Which of the following categories of system specification describes the technical requirements that cover a service, which is performed on a component of the system?
Correct Answer: B
What are the responsibilities of a system owner? Each correct answer represents a complete solution. Choose all that apply.
Correct Answer: A,B,C
