The value of ISC2 CAP practice test lies in the value of preparation for ISC2 ISC2 certification. Free downloadable ISC2 CAP exam dumps are offered at Testking web site. You can visit the home web page and check out the program, quality as well as usability of the ISC2 test demos before getting. Youd better require a quiz to locate out your weak details. Testking is the merely one web site which delivers the ISC2 braindumps for all items. You can download the particular ISC2 ISC2 free test engine for that upgraded CAP demos after paying.
2021 Sep CAP download
Q111. An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?
A. Anonymous
B. Multi-factor
C. Biometrics
D. Mutual
Answer: B
Q112. Which of the following statements about the availability concept of Information security management is true?
A. It ensures that modifications are not made to data by unauthorized personnel or processes .
B. It ensures reliable and timely access to resources.
C. It determines actions and behaviors of a single individual within a system.
D. It ensures that unauthorized modifications are not made to data by authorized personnel or processes.
Answer: B
Q113. Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?
A. Authenticity
B. Integrity
C. Availability
D. Confidentiality
Answer: D
Q114. You are the project manager of the HJK project for your organization. You and the project team have created risk responses for many of the risk events in the project. A teaming agreement is an example of what risk response?
A. Acceptance
B. Mitigation
C. Sharing
D. Transference
Answer: C
Q115. System Authorization is the risk management process. System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process. What are the different phases of System Authorization Plan?
Each correct answer represents a part of the solution. Choose all that apply.
A. Post-Authorization
B. Pre-certification
C. Post-certification
D. Certification
E. Authorization
Answer: ABDE
Replace CAP free exam questions:
Q116. You are the project manager of the GHY Project for your company. You have completed the risk response planning with your project team. You now need to update the WBS. Why would the project manager need to update the WBS after the risk response planning process? Choose the best answer.
A. Because of risks associated with work packages
B. Because of work that was omitted during the WBS creation
C. Because of risk responses that are now activities
D. Because of new work generated by the risk responses
Answer: D
Q117. Tom is the project manager for his organization. In his project he has recently finished the risk response planning. He tells his manager that he will now need to update the cost and schedule baselines. Why would the risk response planning cause Tom the need to update the cost and schedule baselines?
A. New or omitted work as part of a risk response can cause changes to the cost and/or schedule baseline.
B. Risk responses protect the time and investment of the project.
C. Risk responses may take time and money to implement.
D. Baselines should not be updated, but refined through versions.
Answer: A
Q118. Which of the following relations correctly describes residual risk?
A. Residual Risk = Threats x Vulnerability x Asset Gap x Control Gap
B. Residual Risk = Threats x Exploit x Asset Value x Control Gap
C. Residual Risk = Threats x Exploit x Asset Value x Control Gap
D. Residual Risk = Threats x Vulnerability x Asset Value x Control Gap
Answer: D
Q119. You are responsible for network and information security at a metropolitan police station. The most important concern is that unauthorized parties are not able to access data. What is this called?
A. Confidentiality
B. Encryption
C. Integrity
D. Availability
Answer: A
Q120. Lisa is the project manager of the SQL project for her company. She has completed the risk response planning with her project team and is now ready to update the risk register to reflect the risk response. Which of the following statements best describes the level of detail Lisa should include with the risk responses she has created?
A. The level of detail is set by historical information.
B. The level of detail must define exactly the risk response for each identified risk.
C. The level of detail is set of project risk governance.
D. The level of detail should correspond with the priority ranking
Answer: D