Exam Code: CAP (Practice Exam Latest Test Questions VCE PDF)
Exam Name: ISC2 CAP Certified Authorization Professional
Certification Provider: ISC2
Free Today! Guaranteed Training- Pass CAP Exam.
Q225. Which of the following processes is described in the statement below?
"It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."
A. Perform Quantitative Risk Analysis
B. Monitor and Control Risks
C. Perform Qualitative Risk Analysis
D. Identify Risks
Answer: B
Q226. FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?
A. Level 2
B. Level 5
C. Level 4
D. Level 1
E. Level 3
Answer: E
Q227. Which of the following is NOT an objective of the security program?
A. Security organization
B. Security plan
C. Security education
D. Information classification
Answer: B
Q228. Who is responsible for the stakeholder expectations management in a high-profile, high-risk project?
A. Project management office
B. Project sponsor
C. Project risk assessment officer
D. Project manager
Answer: D
Q229. Which of the following NIST documents provides a guideline for identifying an information system as a National Security System?
A. NIST SP 800-53
B. NIST SP 800-59
C. NIST SP 800-53A
D. NIST SP 800-37
E. NIST SP 800-60
Answer: B
Q230. Which of the following guidance documents is useful in determining the impact level of a particular threat on agency systems?
A. NIST SP 800-41
B. NIST SP 800-37
C. FIPS 199
D. NIST SP 800-14
Answer: C
Q231. In which of the following phases do the system security plan update and the Plan of Action and Milestones (POAM) update take place?
A. Continuous Monitoring Phase
B. Accreditation Phase
C. Preparation Phase
D. DITSCAP Phase
Answer: A
Q232. Billy is the project manager of the HAR Project and is in month six of the project. The project is scheduled to last for 18 months. Management asks Billy how often the project team is participating in risk reassessment in this project. What should Billy tell management if he's following the best practices for risk management?
A. At every status meeting the project team project risk management is an agenda item.
B. Project risk management happens at every milestone.
C. Project risk management has been concluded with the project planning.
D. Project risk management is scheduled for every monthin the 18-month project.
Answer: A