ISSMP ISC2 Exam Questions and Free Practice Test

Question 7

Which of the following security models deal only with integrity? Each correct answer represents a complete solution. Choose two.

A. Biba-Wilson

B. Clark-Wilson

C. Bell-LaPadula

D. Biba

Correct Answer:BD

Question 8

Software Development Life Cycle (SDLC) is a logical process used by programmers to develop software. Which of the following SDLC phases meets the audit objectives defined below: System and data are validated. System meets all user requirements. System meets all control requirements.

A. Programming and training

B. Evaluation and acceptance

C. Definition

D. Initiation

Correct Answer:B

Question 9

You are the project manager of the NGQQ Project for your company. To help you communicate project status to your stakeholders, you are going to create a stakeholder register. All of the following information should be included in the stakeholder register except for which one?

A. Identification information for each stakeholder

B. Assessment information of the stakeholders' major requirements, expectations, and potential influence

C. Stakeholder classification of their role in the project

D. Stakeholder management strategy

Correct Answer:D

Question 10

You are documenting your organization's change control procedures for project management. What portion of the change control process oversees features and functions of the product scope?

A. Configuration management

B. Product scope management is outside the concerns of the project.

C. Scope changecontrol system

D. Project integration management

Correct Answer:A

Question 11

Which of the following are known as the three laws of OPSEC? Each correct answer represents a part of the solution. Choose three.

A. Ifyou don't know the threat, how do you know what to protect?

B. If you don't know what to protect, how do you know you are protecting it?

C. If you are not protecting it (the critical and sensitive information), the adversary wins!

D. If you don't knowabout your security resources you cannot protect your networ

Correct Answer:ABC

Question 12

Fill in the blank with an appropriate word. are used in information security to formalize security policies.

A. Model

Correct Answer:A

START ISSMP EXAM