ISC2-CAP MCQs and Practice Test

https://killexams.com/pass4sure/exam-detail/ISC2-CAP

ISC2 CAP

Certified Authorization Professional






Question: 381

Which one of the following is the only output for the qualitative risk analysis process?


  1. Enterprise environmental factors

  2. Project management plan

  3. Risk register updates

  4. Organizational process assets




Answer: C




Question: 382

Which of the following RMF phases is known as risk analysis?


  1. Phase 0

  2. Phase 1

  3. Phase 2

  4. Phase 3




Answer: C




Question: 383

You work as a project manager for BlueWell Inc. There has been a delay in your project work that is adversely affecting the project schedule. You decided, with your stakeholders' approval, to fast track the project work to get the project done faster. When you fast track the project, which of the following are likely to increase?


  1. Risks

  2. Human resource needs

  3. Quality control concerns

  4. Costs




Answer: A




Question: 384

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?


  1. Anonymous

  2. Multi-factor

  3. Biometrics

  4. Mutual




Answer: B




Question: 385

In 2003, NIST developed a new Certification & Accreditation (C&A) guideline known as FIPS 199. What levels of potential impact are defined by FIPS 199? Each correct answer represents a complete solution. Choose all that apply.


  1. Low

  2. Moderate

  3. High

  4. Medium




Answer: A, C, D




Question: 386

Which of the following is NOT an objective of the security program?


  1. Security organization

  2. Security plan

  3. Security education

  4. Information classification




Answer: B


Question: 387

Walter is the project manager of a large construction project. He'll be working with several vendors on the project. Vendors will be providing materials and labor for several parts of the project. Some of the work in the project is very dangerous, so Walter has implemented safety requirements for all of the vendors and his own project team. Stakeholders for the project have added new requirements, which have caused new risks in the project. A vendor has identified a new risk that could affect the project if it comes to fruition. Walter agrees with the vendor and has updated the risk register and created potential risk responses to mitigate the risk. What should Walter also update in this scenario considering the risk event?


  1. Project contractual relationship with the vendor

  2. Project communications plan

  3. Project management plan

  4. Project scope statement




Answer: C




Question: 388

During which of the following processes is the probability and impact matrix prepared?


  1. Plan Risk Responses

  2. Perform Quantitative Risk Analysis

  3. Perform Qualitative Risk Analysis

  4. Monitoring and Control Risks




Answer: C




Question: 389

During qualitative risk analysis, you want to define the risk urgency assessment. All of the following are indicators of risk priority except for which one?


  1. Symptoms

  2. Cost of the project

  3. Warning signs

  4. Risk rating




Answer: B


Question: 390

Which of the following statements about the Discretionary Access Control List (DACL) is true?


  1. It is a rule list containing access control entries.

  2. It specifies whether an audit activity should be performed when an object attempts to access a resource.

  3. It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.

  4. It is a unique number that identifies a user, group, and computer account.




Answer: C




Question: 391

Which of the following is used to indicate that the software has met a defined quality level and is ready for mass distribution either by electronic means or by physical media?


  1. DAA

  2. RTM

  3. ATM

  4. CRO




Answer: B




Question: 392

Which of the following processes is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state?


  1. Configuration management

  2. Procurement management

  3. Change management

  4. Risk management


Question: 393

A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies? Each correct answer represents a complete solution. Choose all that apply.


  1. Systematic

  2. Regulatory

  3. Advisory

  4. Informative




Answer: B, C, D




Question: 394

Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?


  1. TCSEC

  2. FIPS

  3. SSAA

  4. FITSAF




Answer: A




Question: 395

Which of the following statements correctly describes DIACAP residual risk?


  1. It is the remaining risk to the information system after risk palliation has occurred.

  2. It is a process of security authorization.

  3. It is the technical implementation of the security design.

  4. It is used to validate the information system.




Answer: A

