Ensurepass
2017 July ISC Official New Released CAP Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/CAP.html

Certified Authorization Professional

QUESTION 131

Your project uses a piece of equipment that if the temperature of the machine goes above 450 degree Fahrenheit the machine will overheat andhave to be shut down for 48 hours. Should this machine overheat even once it will delay the project’s end date. You work with your project to create a response that should the temperature of the machine reach 430, the machine will be paused for at least anhour to cool it down. The temperature of 430 is called what?

 

A.

Risk identification

B.

Risk response

C.

Risk triggerD. Risk event

 

Correct Answer: C

 

 

QUESTION 132

According to U.S. Department of Defense (DoD) Instruction 8500.2, there are eight Information Assurance (IA) areas, and the controls are referred to as IA controls. Which of the following are among the eight areas of IA defined by DoD? Each correct answer represents a complete solution. Choose all that apply.

 

A.

DC Security Design & Configuration

B.

VI Vulnerability and Incident Management

C.

EC Enclave and Computing Environment

D.

Information systems acquisition, development, and maintenance

 

Correct Answer: ABC

QUESTION 133

Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?

 

A.

Parkerian Hexad

B.

Capability Maturity Model (CMM)

C.

Classic information security model

D.

Five Pillars model

 

Correct Answer: D

 

 

QUESTION 134

You work as a project manager for BlueWell Inc. Your project is running late and you must respond to the risk. Which risk response can you choose that will also cause you to updatethe human resource management plan?

 

A.

Teamingagreements

B.

Crashing the project

C.

Transference

D.

Fast tracking the project

 

Correct Answer: B

 

 

QUESTION 135

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?

 

A.

Level 2

B.

Level 3

C.

Level 5

D.

Level 4

E.

Level 1

 

Correct Answer: B

 

 

QUESTION 136

You are the project manager for your company and a new change request hasbeen approved for your project. This change request, however, has introduced several new risks to the project. You have communicated these risk events and the project stakeholders understand the possible effects these risks could have on your project. You elect to create a mitigation response for the identified risk events. Where will you record the mitigation response?

 

A.

Risk register

B.

Risk log

C.

Risk management plan

D.

Project management plan

 

Correct Answer: A

QUESTION 137

Which of the following recoveryplans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

 

A.

Continuity of Operations Plan

B.

Disaster recovery plan

C.

Contingency plan

D.

Business continuity plan

 

Correct Answer: C

 

 

QUESTION 138

The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this phase? Each correct answer represents a complete solution. Choose all that apply.

 

A.

System development

B.

Certification analysis

C.

Registration

D.

Assessment of the Analysis Results

E.

Configuring refinement of the SSAA

 

Correct Answer: ABDE

 

 

QUESTION 139

ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Information security policy for the organization

B.

< font style="font-size: 10pt" color="#000000">Personnel security

C.

Business continuity management

D.

System architecture management

E.

System development and maintenance

 

Correct Answer: ABCE

 

 

QUESTION 140

Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation? Each correct answer represents a complete solution. Choose two.

 

A.

Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.

B.

Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.

C.

Certification isthe official management decision given by a senior agency official to authorize operation of an information system.

D.

Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.

 

Correct Answer: AD

100% Free Download!
—Download Free Demo:CAP Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass CAP Full Exam PDF and VCE Q&As:395
—Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE