ISSEP ISC2 Exam Questions and Free Practice Test

Question 13

Which of the following firewall types operates at the Network layer of the OSI model and can filter data by port, interface address, source address, and destination address

A. Circuit-level gateway

B. Application gateway

C. Proxy server

D. Packet Filtering

Correct Answer:D

Question 14

What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process Each correct answer represents a complete solution. Choose all that apply.

A. Develop DIACAP strategy.

B. Initiate IA implementation plan.

C. Conduct validation activity.

D. Assemble DIACAP team.

E. Register system with DoD Component IA Program.

F. Assign IA controls.

Correct Answer:ABDEF

Question 15

Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document Each correct answer represents a complete solution. Choose all that apply.

A. It identifies the information protection problems that needs to be solved.

B. It allocates security mechanisms to system security design elements.

C. It identifies custom security products.

D. It identifies candidate commercial off-the-shelf (COTS)government off-the-shelf (GOTS) security products.

Correct Answer:BCD

Question 16

Which of the following Security Control Assessment Tasks evaluates the operational, technical, and the management security controls of the information system using the techniques and measures selected or developed

A. Security Control Assessment Task 3

B. Security Control Assessment Task 1

C. Security Control Assessment Task 4

D. Security Control Assessment Task 2

Correct Answer:A

Question 17

Della works as a systems engineer for BlueWell Inc. She wants to convert system requirements into a comprehensive function standard, and break the higher-level functions into lower-level functions. Which of the following processes will Della use to accomplish the task

A. Risk analysis

B. Functional allocation

C. Functional analysis

D. Functional baseline

Correct Answer:C

Question 18

Which of the following NIST documents describes that minimizing negative impact on an organization and a need for sound basis in decision making are the fundamental reasons organizations implement a risk management process for their IT systems

A. NIST SP 800-37

B. NIST SP 800-30

C. NIST SP 800-53

D. NIST SP 800-60

Correct Answer:B

START ISSEP EXAM