Pass the ISC ISC certification ISSEP Questions and answers with CertsForce

Viewing page 3 out of 7 pages
Viewing questions 21-30 out of questions
Question # 21:

Which of the following documents is described in the statement below? "It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning."

Options:

A. Risk management plan
B. Project charter
C. Quality management plan
D. Risk register


Question # 22:

The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed system from the viewpoint of an individual who will use that system. Which of the following points are included in CONOPS? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Strategies, tactics, policies, and constraints affecting the system
B. Organizations, activities, and interactions among participants and stakeholders
C. Statement of the structure of the system
D. Clear statement of responsibilities and authorities delegated
E. Statement of the goals and objectives of the system


Question # 23:

Which of the following areas of an information system, as separated by the Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy?

Options:

A. Networks and Infrastructures
B. Supporting Infrastructures
C. Enclave Boundaries
D. Local Computing Environments


Question # 24:

Which of the following processes provides a standard set of activities, general tasks, and a management structure to certify and accredit systems, which maintain the information assurance and the security posture of a system or site?

Options:

A. ASSET
B. NSA-IAM
C. NIACAP
D. DITSCAP


Question # 25:

Fill in the blank with the appropriate phrase. __________ provides instructions and directions for completing the Systems Security Authorization Agreement (SSAA).

Options:

A. DoDI 5200.40


Question # 26:

Which of the following configuration management system processes defines which items will be configuration managed, how they are to be identified, and how they are to be documented?

Options:

A. Configuration verification and audit
B. Configuration control
C. Configuration status accounting
D. Configuration identification


Question # 27:

Which of the following security controls works as the totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy?

Options:

A. Trusted computing base (TCB)
B. Common data security architecture (CDSA)
C. Internet Protocol Security (IPSec)
D. Application program interface (API)


Question # 28:

Phase 3 of the Risk Management Framework (RMF) process is known as mitigation planning. Which of the following processes take place in phase 3? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Agree on a strategy to mitigate risks.
B. Evaluate mitigation progress and plan next assessment.
C. Identify threats, vulnerabilities, and controls that will be evaluated.
D. Document and implement a mitigation plan.


Question # 29:

Which of the following DoD directives is referred to as the Defense Automation Resources Management Manual?

Options:

A. DoD 8910.1
B. DoD 7950.1-M
C. DoD 5200.22-M
D. DoD 5200.1-R
E. DoDD 8000.1


Question # 30:

Which of the following is a temporary approval to operate based on an assessment of the implementation status of the assigned IA Controls?

Options:

A. IATO
B. DATO
C. ATO
D. IATT

