Practice questions with answers for the ISC2 CAP (Certified Authorization Professional) exam.

2021 Oct CAP exam engine

Q221. You work as a project manager for BlueWell Inc. You are working with your team members on the risk responses in the project. Which risk response will likely cause a project to use the procurement processes?

A. Acceptance

B. Mitigation

C. Exploiting

D. Sharing

Answer: D


Q222. Which of the following are the types of access controls?

Each correct answer represents a complete solution. Choose three.

A. Administrative

B. Automatic

C. Technical

D. Physical

Answer: ACD


Q223. Which of the following describes residual risk as the risk remaining after risk mitigation has occurred?

A. DIACAP

B. ISSO

C. SSAA

D. DAA

Answer: A


Q224. In which of the following testing methodologies do assessors use all available documentation and work under no constraints, and attempt to circumvent the security features of an information system?

A. Full operational test

B. Penetration test

C. Paper test

D. Walk-through test

Answer: B


Q225. Which of the following assessment methods involves observing or conducting the operation of physical devices?

A. Interview

B. Deviation

C. Examination

D. Testing

Answer: D


Q226. Which of the following individuals is responsible for ensuring the security posture of the organization's information system?

A. Authorizing Official

B. Chief Information Officer

C. Security Control Assessor

D. Common Control Provider

Answer: A


Q227. You work as a project manager for BlueWell Inc. There has been a delay in your project work that is adversely affecting the project schedule. You decided, with your stakeholders' approval, to fast track the project work to get the project done faster. When you fast track the project, which of the following are likely to increase?

A. Risks

B. Human resource needs

C. Quality control concerns

D. Costs

Answer: A


Q228. Virginia is the project manager for her organization. She has hired a subject matter expert to interview the project stakeholders on certain identified risks within the project. The subject matter expert will assess the risk event with what specific goal in mind?

A. To determine the bias of the risk event based on each person interviewed

B. To determine the probability and cost of the risk event

C. To determine the validity of each risk event

D. To determine the level of probability and impact for each risk event

Answer: D


Q229. Amy is the project manager for her company. In her current project the organization has a very low tolerance for risk events that will affect the project schedule. Management has asked Amy to consider the effect of all the risks on the project schedule. What approach can Amy take to create a bias against risks that will affect the schedule of the project?

A. She can have the project team pad their time estimates to alleviate delays in the project schedule.

B. She can shift risk-laden activities that affect the project schedule from the critical path as much as possible.

C. She can create an overall project rating scheme to reflect the bias towards risks that affect the project schedule.

D. She can filter all risks based on their effect on schedule versus other project objectives.

Answer: C


Q230. Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the international information security standards?

Each correct answer represents a complete solution. Choose all that apply.

A. Human resources security

B. Organization of information security

C. Risk assessment and treatment

D. AU audit and accountability

Answer: ABC