ISSEP ISC2 Exam Questions and Free Practice Test

Question 37

Which of the following characteristics are described by the DIAP Information Readiness Assessment function Each correct answer represents a complete solution. Choose all that apply.

A. It performs vulnerabilitythreat analysis assessment.

B. It provides for entry and storage of individual system data.

C. It provides data needed to accurately assess IA readiness.

D. It identifies and generates IA requirements.

Correct Answer:ACD

Question 38

Which of the following processes provides guidance to the system designers and form the basis of major events in the acquisition phases, such as testing the products for system integration

A. Operational scenarios

B. Functional requirements

C. Human factors

D. Performance requirements

Correct Answer:A

Question 39

The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and
telecommunications systems that handle U.S. national security information. What are the different types of NIACAP accreditation Each correct answer represents a complete solution. Choose all that apply.

A. Type accreditation

B. Site accreditation

C. System accreditation

D. Secure accreditation

Correct Answer:ABC

Question 40

The Information System Security Officer (ISSO) and Information System Security Engineer (ISSE) play the role of a supporter and advisor, respectively. Which of the following statements are true about ISSO and ISSE Each correct answer represents a complete solution. Choose all that apply.

A. An ISSE manages the security of the information system that is slated for Certification & Accreditation (C&A).

B. An ISSE provides advice on the impacts of system changes.

C. An ISSE provides advice on the continuous monitoring of the information system.

D. An ISSO manages the security of the information system that is slated for Certification & Accreditation (C&A).

E. An ISSO takes part in the development activities that are required to implement system changes.

Correct Answer:BCD

Question 41

Which of the following email lists is written for the technical audiences, and provides weekly summaries of security issues, new vulnerabilities, potential impact, patches and workarounds, as well as the actions recommended to mitigate risk

A. Cyber Security Tip

B. Cyber Security Alert

C. Cyber Security Bulletin

D. Technical Cyber Security Alert

Correct Answer:C

Question 42

Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation

A. Parkerian Hexad

B. Five Pillars model

C. Capability Maturity Model (CMM)

D. Classic information security model

Correct Answer:B

START ISSEP EXAM