
Ace the ISC ISSEP Exam: Ultimate Preparation Guide

Question 11

Which of the following organizations incorporates building secure audio and video communications equipment, making tamper protection products, and providing trusted microelectronics solutions?

Options:
A. DTIC
B. NSA IAD
C. DIAP
D. DARPA

Question 12

A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. Which of the following are required to be addressed in a well-designed policy? Each correct answer represents a part of the solution. Choose all that apply.

Options:
A. What is being secured
B. Who is expected to comply with the policy
C. Where is the vulnerability, threat, or risk
D. Who is expected to exploit the vulnerability

Question 13

Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation? Each correct answer represents a complete solution. Choose two.

Options:
A. Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.
B. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.
C. Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.
D. Certification is the official management decision given by a senior agency official to authorize operation of an information system.

Question 14

Risk transference refers to the transfer of risks to a third party, usually for a fee; it creates a contractual relationship for the third party to manage the risk on behalf of the performing organization. Which one of the following is NOT an example of the transference risk response?

Options:
A. Warranties
B. Performance bonds
C. Use of insurance
D. Life cycle costing

Question 15

You work as an ISSE for BlueWell Inc. You want to break down user roles, processes, and information until ambiguity is reduced to a satisfactory degree. Which of the following tools will help you to perform the above task?

Options:
A. PERT Chart
B. Gantt Chart
C. Functional Flow Block Diagram
D. Information Management Model (IMM)

Question 16

Which of the following CNSS policies describes the national policy on use of cryptomaterial by activities operating in high-risk environments?

Options:
A. CNSSP No. 14
B. NCSC No. 5
C. NSTISSP No. 6
D. NSTISSP No. 7

Question 17

Which of the following DITSCAP/NIACAP model phases is used to show the required evidence to support the DAA in the accreditation process and conclude in an Approval To Operate (ATO)?

Options:
A. Verification
B. Validation
C. Post accreditation
D. Definition

Question 18

Which of the following types of CNSS issuances establishes criteria and assigns responsibilities?

Options:
A. Advisory memoranda
B. Directives
C. Instructions
D. Policies

Question 19

Which of the following tasks obtains the customer agreement in planning the technical effort?

Options:
A. Task 9
B. Task 11
C. Task 8
D. Task 10

Question 20

Which of the following federal agencies provides a forum for the discussion of policy issues, sets national policy, and promulgates direction, operational procedures, and guidance for the security of national security systems?

Options:
A. National Security Agency/Central Security Service (NSA/CSS)
B. National Institute of Standards and Technology (NIST)
C. United States Congress
D. Committee on National Security Systems (CNSS)

Exam Code: ISSEP
Certification Provider: ISC
Exam Name: ISSEP Information Systems Security Engineering Professional
Last Update: Jan 15, 2025
Questions: 216