Ensurepass
2017 July ISC Official New Released CAP Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/CAP.html

Certified Authorization Professional

QUESTION 41

You are preparing to start the qualitative risk analysis process for your project. You will be relying on some organizational process assets to influence the process. Which one of the following is NOT a probable reason for relying on organizational process assets as an input for qualitative risk analysis?

A. Information on prior, similar projects
B. Review of vendor contracts to examine risks in past projects
C. Risk databases that may be available from industry sources
D. Studies of similar projects by risk specialists

 

Correct Answer: B

 

 

QUESTION 42

System Authorization is the risk management process. System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process. What are the different phases of System Authorization Plan? Each correct answer represents a part of the solution. Choose all that apply.

 

A. Pre-certification
B. Certification
C. Post-certification
D. Authorization
E. Post-Authorization

 

Correct Answer: ABDE

 

 

QUESTION 43

A part of a project deals with the hardware work. As a project manager, you have decided to hire a company to deal with all hardware work on the project. Which type of risk response is this?

A. Avoidance
B. Mitigation
C. Exploit
D. Transference

 

Correct Answer: D

 

 

QUESTION 44

Risks with low ratings of probability and impact are included on a ____ for future monitoring.

 

A. Watchlist
B. Risk alarm
C. Observation list
D. Risk register

 

Correct Answer: A

 

 

QUESTION 45

Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Which of the following areas can be exploited in a penetration test? Each correct answer represents a complete solution. Choose all that apply.

A. Social engineering
B. File and directory permissions
C. Buffer overflows
D. Kernel flaws
E. Race conditions
F. Information system architectures
G. Trojan horses

 

Correct Answer: ABCDE

 

 

QUESTION 46

Frank is the project manager of the NHH Project. He is working with the project team to create a plan to document the procedures to manage risks throughout the project. This document will define how risks will be identified and quantified. It will also define how contingency plans will be implemented by the project team. What document are Frank and the NHH Project team creating in this scenario?

A. Project management plan
B. Resource management plan
C. Risk management plan
D. Project plan

 

Correct Answer: C

 

QUESTION 47

In which of the following testing methodologies do assessors use all available documentation and work under no constraints, and attempt to circumvent the security features of an information system?

A. Full operational test
B. Walk-through test
C. Penetration test
D. Paper test

 

Correct Answer: C

 

 

QUESTION 48

Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?

 

A. Phase 4
B. Phase 3
C. Phase 2
D. Phase 1

 

Correct Answer: B

 

 

QUESTION 49

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

 

A. Safeguards
B. Preventive controls
C. Detective controls
D. Corrective controls

 

Correct Answer: D

 

 

QUESTION 50

Which of the following roles is also known as the accreditor?

 

A. Chief Risk Officer
B. Data owner
C. Designated Approving Authority
D. Chief Information Officer

 

Correct Answer: C
