Ace the ISC ISSEP Exam: Ultimate Preparation Guide

Questions 31

Which of the following characteristics are described by the DIAP Information Readiness Assessment function? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

It performs vulnerability/threat analysis assessment.

B.

It provides for entry and storage of individual system data.

C.

It provides data needed to accurately assess IA readiness.

D.

It identifies and generates IA requirements.

Questions 32

Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense?

Options:

A.

DoD 5200.22-M

B.

DoD 8910.1

C.

DoD 5200.40

D.

DoD 8000.1

Questions 33

Which of the following processes describes the elements such as quantity, quality, coverage, timelines, and availability, and categorizes the different functions that the system will need to perform in order to gather the documented mission/business needs?

Options:

A.

Functional requirements

B.

Operational scenarios

C.

Human factors

D.

Performance requirements

Questions 34

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting sensitive, unclassified information in the systems as stated in Section 2315 of Title 10, United States Code?

Options:

A.

Type I cryptography

B.

Type II cryptography

C.

Type III (E) cryptography

D.

Type III cryptography

Questions 35

Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter?

Options:

A.

Stateless packet filter firewall

B.

PIX firewall

C.

Stateful packet filter firewall

D.

Virtual firewall

Questions 36

Which of the following security controls will you use for the deployment phase of the SDLC to build secure software? Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Risk Adjustments

B.

Security Certification and Accreditation (C&A)

C.

Vulnerability Assessment and Penetration Testing

D.

Change and Configuration Control

Questions 37

Your project is an agricultural-based project that deals with plant irrigation systems. You have discovered a byproduct in your project that your organization could use to make a profit. If your organization seizes this opportunity, it would be an example of what risk response?

Options:

A.

Enhancing

B.

Positive

C.

Opportunistic

D.

Exploiting

Questions 38

Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system?

Options:

A.

Data security requirement

B.

Network connection rule

C.

Applicable instruction or directive

D.

Security concept of operation

Questions 39

You work as a security manager for BlueWell Inc. You are going through the NIST SP 800-37 C&A methodology, which is based on four well-defined phases. In which of the following phases of NIST SP 800-37 C&A methodology does the security categorization occur?

Options:

A.

Continuous Monitoring

B.

Initiation

C.

Security Certification

D.

Security Accreditation

Questions 40

Which of the following federal agencies coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produces foreign intelligence information?

Options:

A.

National Institute of Standards and Technology (NIST)

B.

National Security Agency/Central Security Service (NSA/CSS)

C.

Committee on National Security Systems (CNSS)

D.

United States Congress
