All that matters here is passing the ISC2 CAP exam, and all you need is a high score on the ISC2 CAP Certified Authorization Professional exam. The only thing you need to do is download the Testking CAP exam study guides now. We will not let you down with our money-back guarantee.

Q201. Under which type of access control does a user ID and password system fall?

A. Administrative

B. Technical

C. Power

D. Physical

Answer: B


Q202. During qualitative risk analysis you want to define the risk urgency assessment. All of the following are indicators of risk priority except for which one?

A. Symptoms

B. Cost of the project

C. Warning signs

D. Risk rating

Answer: B


Q203. You work as a project manager for BlueWell Inc. Management has asked you to work with the key project stakeholder to analyze the risk events you have identified in the project. They would like you to analyze the project risks with a goal of improving the project's performance as a whole.

What approach can you use to achieve the goal of improving the project's performance through risk analysis with your project stakeholders?

A. Involve subject matter experts in the risk analysis activities

B. Focus on the high-priority risks through qualitative risk analysis

C. Use qualitative risk analysis to quickly assess the probability and impact of risk events

D. Involve the stakeholders for risk identification only in the phases where the project directly affects them

Answer: B


Q204. Which of the following individuals is responsible for ensuring the security posture of the organization's information system?

A. Authorizing Official

B. Chief Information Officer

C. Security Control Assessor

D. Common Control Provider

Answer: A


Q205. Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?

A. FIPS

B. TCSEC

C. SSAA

D. FITSAF

Answer: C


Q206. Joan is a project management consultant and she has been hired by a firm to help them identify risk events within the project. Joan would first like to examine the project documents including the plans, assumptions lists, project files, and contracts. What key thing will help Joan to discover risks within the review of the project documents?

A. Lack of consistency between the plans and the project requirements and assumptions can be the indicators of risk in the project.

B. The project documents will help the project manager, or Joan, to identify what risk identification approach is best to pursue.

C. Plans that have loose definitions of terms and disconnected approaches will reveal risks.

D. Poorly written requirements will reveal inconsistencies in the project plans and documents.

Answer: A


Q207. Bill is the project manager of the JKH Project. He and the project team have identified a risk event in the project with a high probability of occurrence and the risk event has a high cost impact on the project. Bill discusses the risk event with Virginia, the primary project customer, and she decides that the requirements surrounding the risk event should be removed from the project. The removal of the requirements does affect the project scope, but it can release the project from the high risk exposure. What risk response has been enacted in this project?

A. Avoidance

B. Acceptance

C. Transference

D. Mitigation

Answer: A


Q208. Which of the following objectives are defined by integrity in the C.I.A triad of information security systems?

Each correct answer represents a part of the solution. Choose three.

A. It preserves the internal and external consistency of information.

B. It prevents the unauthorized or unintentional modification of information by the authorized users.

C. It prevents the modification of information by the unauthorized users.

D. It prevents the intentional or unintentional unauthorized disclosure of a message's contents.

Answer: ABC