Ensurepass
2017 July ISC Official New Released CAP Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/CAP.html

Certified Authorization Professional

QUESTION 111

Thomas is the project manager of the NHJ Project for his company. He has identified several positive risk events within his project and he thinks these events can save the project time and money. Positive risk events, such as these within the NHJ Project are also known as what?

 

A.

Opportunities

B.

Benefits

C.

Ancillary constituent components

D.

Contingency risks

 

Correct Answer: A

 

 

QUESTION 112

You are the project manager of the GGG project. You have completed the risk identification process for the initial phases of your project. As you begin to document the risk events in the risk register what additional information can you associate with the identified risk events?

 

A.

Risk schedule

B.

Risk potential responses

C.

Risk cost

D.

Risk owner

 

Correct Answer: B

 

 

 

 

 

 

QUESTION 113

Which of the following are the tasks performed by the owner in the information classification schemes? Each correct answer represents a part of the solution. Choose three.

 

A.

To make original determination to decide what level of classification the information requires, which is based on the business requirements for the safety of the data.

B.

To perform data restoration from the backups whenever required.

C.

To review the classification assignments from time to time and make alterations as the business requirements alter.

D.

To delegate the responsibility of the data safeguard duties to the custodian.

 

Correct Answer: ACD

 

 

QUESTION 114

Which of the following approaches can be used to build a security program? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Bottom-Up Approach

B.

Right-Up Approach

C.

Top-Down Approach

D.

Left-Up Approach

 

Correct Answer: AC

 

 

QUESTION 115

Mary is the project manager for the BLB project. Shehas instructed the project team to assemble, to review the risks. She has included the schedule management plan as an input for the quantitative risk analysis process. Why is the schedule management plan needed for quantitative risk analysis?

 

A.

Mary will utilize the schedule controls and the nature of the schedule for the quantitative analysis of the schedule.

B.

Mary will schedule when the identified risks are likely to happen and affect the project schedule.

C.

Mary will utilize the schedule controls to determine how risks may be allowed to change the project schedule.

D.

Mary will use the schedule management plan to schedule the risk identification meetings throughout the remaining project.

 

Correct Answer: A

 

 

QUESTION 116

Sammy is
the project manager for herorganization. She would like to rate each risk based on its probability and affect on time, cost, and scope. Harry, a project team member, has never done this before and thinks Sammy is wrong to attempt this approach. Harry says that an accumulative riskscore should be created, not three separate risk scores. Who is correct in this scenario?

 

A.

Sammy is correct, because organizations can create risk scores for each objective of the project.

B.

Harry is correct, because the risk probability and impact considers all objectives of the project.

C.

Harry is correct, the risk probability and impact matrix is the only approach to risk assessment.

D.

Sammy is correct, because she is the project manager.

Correct Answer: A

 

 

QUESTION 117

Which of the following phases of the DITSCAP C&A process is used to define the C&A level of effort, to identify the main C&A roles and responsibilities, and to create an agreement on the method for implementing the security requirements?

 

A.

Phase 3

B.

Phase 2

C.

Phase 4

D.

Phase 1

 

Correct Answer: D

 

 

QUESTION 118

A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. Which of the following are required to be addressed in a well designed policy? Each correct answer represents a part of the solution. Choose all that apply.

 

A.

Who is expected to exploit the vulnerability?

B.

What is being secured?

C.

Where is the vulnerability, threat, or risk?

D.

Who is expected to comply with the policy?

 

Correct Answer: BCD

 

 

QUESTION 119

The Project Risk Management knowledge area focuses on which of the following processes? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Potential Risk Monitoring

B.

Risk Management Planning

C.

Quantitative Risk Analysis

D.

Risk Monitoring and Control

 

Correct Answer: BCD

 

 

QUESTION 120

Which of the following objectives are defined by integrity in the C.I.A triad of information security systems? Each correct answer represents a part of the solution. Choose three.

 

A.

It preserves the internal and external consistency of information.

B.

It prevents the unauthorized or unintentional modification of information by the authorized users.

C.

It prevents the intentional or unintentional unauthorized disclosure of a message’s contents .

D.

It prevents the modification of information by the unauthorized users.

 

Correct Answer: ABD

100% Free Download!
—Download Free Demo:CAP Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass CAP Full Exam PDF and VCE Q&As:395
—Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE