
Ace the ISC ISSEP Exam: Ultimate Preparation Guide

Questions 21

Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register, and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months, but the probability of the event is high. Which one of the following is a valid response to the identified risk event?

Options:
A. Earned value management
B. Risk audit
C. Corrective action
D. Technical performance measurement

Questions 22

Which of the following processes illustrates a study of a technical nature of interest to a focused audience, and consists of interim or final reports on work performed by NIST for external sponsors, including government and non-government sponsors?

Options:
A. Federal Information Processing Standards (FIPS)
B. Special Publication (SP)
C. NISTIRs (Internal Reports)
D. DIACAP

Questions 23

Which of the following is a temporary approval to operate based on an assessment of the implementation status of the assigned IA Controls?

Options:
A. IATO
B. DATO
C. ATO
D. IATT

Questions 24

Which of the following types of CNSS issuances establishes or describes policy and programs, provides authority, or assigns responsibilities?

Options:
A. Instructions
B. Directives
C. Policies
D. Advisory memoranda

Questions 25

Which of the following is NOT used in the practice of Information Assurance (IA) to define assurance requirements?

Options:
A. Classic information security model
B. Five Pillars model
C. Communications Management Plan
D. Parkerian Hexad

Questions 26

Which of the following policies describes the national policy on the secure electronic messaging service?

Options:
A. NSTISSP No. 11
B. NSTISSP No. 7
C. NSTISSP No. 6
D. NSTISSP No. 101

Questions 27

Which of the following NIST Special Publication documents provides a guideline on network security testing?

Options:
A. NIST SP 800-60
B. NIST SP 800-37
C. NIST SP 800-59
D. NIST SP 800-42
E. NIST SP 800-53A
F. NIST SP 800-53

Questions 28

Which of the following Registration Tasks sets up the system architecture description and describes the C&A boundary?

Options:
A. Registration Task 3
B. Registration Task 4
C. Registration Task 2
D. Registration Task 1

Questions 29

Which of the following DITSCAP C&A phases takes place between the signing of the initial version of the SSAA and the formal accreditation of the system?

Options:
A. Phase 3
B. Phase 2
C. Phase 4
D. Phase 1

Questions 30

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?

Options:
A. Level 4
B. Level 5
C. Level 1
D. Level 2
E. Level 3

Exam Code: ISSEP
Certification Provider: ISC
Exam Name: ISSEP Information Systems Security Engineering Professional
Last Update: Jan 16, 2025
Questions: 216