Pass the ISC ISC certification ISSEP Questions and answers with CertsForce

Viewing page 6 out of 7 pages
Viewing questions 51-60 out of questions
Question #51:

Which of the following phases of the NIST SP 800-37 C&A methodology examines the residual risk for acceptability and prepares the final security accreditation package?

Options:

A. Initiation
B. Security Certification
C. Continuous Monitoring
D. Security Accreditation


Question #52:

You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirement is that your solution must use the RSA algorithm. Which of the following is your best choice?

Options:

A. PGP
B. S/MIME
C. DES
D. Blowfish


Question #53:

NIST SP 800-53A defines three types of interview depending on the level of assessment conducted. Which of the following NIST SP 800-53A interviews consists of informal and ad hoc interviews?

Options:

A. Abbreviated
B. Significant
C. Substantial
D. Comprehensive


Question #54:

Which of the following documents is defined as a source document and is most useful for the ISSE when classifying the needed security functionality?

Options:

A. Information Protection Policy (IPP)
B. IMM
C. System Security Context
D. CONOPS


Question #55:

Which of the following types of firewalls increases the security of data packets by remembering the state of the connection at the network and session layers as they pass through the filter?

Options:

A. Stateless packet filter firewall
B. PIX firewall
C. Stateful packet filter firewall
D. Virtual firewall


Question #56:

Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register, and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months, but the probability of the event is high. Which one of the following is a valid response to the identified risk event?

Options:

A. Earned value management
B. Risk audit
C. Corrective action
D. Technical performance measurement


Question #57:

Which of the following Security Control Assessment Tasks evaluates the operational, technical, and management security controls of the information system using the techniques and measures selected or developed?

Options:

A. Security Control Assessment Task 3
B. Security Control Assessment Task 1
C. Security Control Assessment Task 4
D. Security Control Assessment Task 2


Question #58:

Which of the following elements of Registration task 4 defines the operating system, database management system, and software applications, and how they will be used?

Options:

A. System firmware
B. System interface
C. System software
D. System hardware


Question #59:

Which of the following categories of system specification describes the technical requirements that cover a service which is performed on a component of the system?

Options:

A. Product specification
B. Process specification
C. Material specification
D. Development specification


Question #60:

You work as a systems engineer for BlueWell Inc. You want to protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. Which of the following processes will you use to accomplish the task?

Options:

A. Information Assurance (IA)
B. Risk Management
C. Risk Analysis
D. Information Systems Security Engineering (ISSE)

