Best Quality of CAP free exam materials and preparation exams for ISC2 certification for IT candidates, Real Success Guaranteed with Updated CAP pdf dumps vce Materials. 100% PASS ISC2 CAP Certified Authorization Professional exam Today!
Q121. In which of the following phases of the DITSCAP process does Security Test and Evaluation (ST&E) occur?
A. Phase 2
B. Phase 3
C. Phase 1
D. Phase 4
Answer: B
Q122. Fill in the blank with an appropriate word.
________ ensures that the information is not disclosed to unauthorized persons or processes.
A. Confidentiality
Answer: A
Q123. Which of the following is NOT a phase of the security certification and accreditation process?
A. Initiation
B. Security certification
C. Operation
D. Maintenance
Answer: C
Q124. The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. What are the different types of NIACAP accreditation?
Each correct answer represents a complete solution. Choose all that apply.
A. Secure accreditation
B. Type accreditation
C. System accreditation
D. Site accreditation
Answer: BCD
Q125. You are the project manager of the NHH project for your company. You have completed the first round of risk management planning and have created four outputs of the risk response planning process. Which one of the following is NOT an output of the risk response planning?
A. Risk-related contract decisions
B. Project document updates
C. Risk register updates
D. Organizational process assets updates
Answer: D
Q126. ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains?
Each correct answer represents a complete solution. Choose all that apply.
A. Information security policy for the organization
B. Personnel security
C. Business continuity management
D. System architecture management
E. System development and maintenance
Answer: ABCE
Q127. What component of the change management system is responsible for evaluating, testing, and documenting changes created to the project scope?
A. Configuration Management System
B. Project Management InformationSystem
C. Scope Verification
D. Integrated Change Control
Answer: A
Q128. To help review or design security controls, they can be classified by several criteria. One of these criteria is based on nature. According to this criteria, which of the following controls consists of incident response processes, management oversight, security awareness, and training?
A. Technical control
B. Physical control
C. Procedural control
D. Compliance control
Answer: C