
ISC ISSEP - ISSEP Information Systems Security Engineering Professional

Total 216 questions

Which of the following individuals reviews and approves project deliverables from a QA perspective?

A. Information systems security engineer

B. System owner

C. Quality assurance manager

D. Project manager

DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability?

A. MAC I

B. MAC II

C. MAC IV

D. MAC III

Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation? Each correct answer represents a complete solution. Choose two.

A. Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.

B. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.

C. Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.

D. Certification is the official management decision given by a senior agency official to authorize operation of an information system.

Which of the following tasks describes the processes required to ensure that the project includes all the work required, and only the work required, to complete the project successfully?

A. Identify Roles and Responsibilities

B. Develop Project Schedule

C. Identify Resources and Availability

D. Estimate project scope

Which of the following types of CNSS issuances establishes criteria and assigns responsibilities?

A. Advisory memoranda

B. Directives

C. Instructions

D. Policies

In 2003, NIST developed a new Certification & Accreditation (C&A) guideline known as FIPS 199. What levels of potential impact are defined by FIPS 199? Each correct answer represents a complete solution. Choose all that apply.

A. High

B. Medium

C. Low

D. Moderate

Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document? Each correct answer represents a complete solution. Choose all that apply.

A. It identifies the information protection problems that need to be solved.

B. It allocates security mechanisms to system security design elements.

C. It identifies custom security products.

D. It identifies candidate commercial off-the-shelf (COTS)/government off-the-shelf (GOTS) security products.

You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?

A. Quantitative risk analysis

B. Risk audits

C. Requested changes

D. Qualitative risk analysis

Which of the following organizations assists the President in overseeing the preparation of the federal budget and in supervising its administration in Executive Branch agencies?

A. NSA/CSS

B. OMB

C. DCAA

D. NIST

Which of the following is designed to detect unwanted attempts at accessing, manipulating, and disabling computer systems through the Internet?

A. DAS

B. IDS

C. ACL

D. IPsec