ISC2 CISSP-ISSEP Braindumps 2021

NEW QUESTION 1
Which of the following individuals is an upper-level manager who has the power and capability to evaluate the mission, business case, and budgetary needs of the system while also considering the security risks

• A. User Representative
• B. Program Manager
• C. Certifier
• D. DAA

Answer: D

NEW QUESTION 2
Which of the following DoD policies establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels

• A. DoD 8500.1 Information Assurance (IA)
• B. DoD 8500.2 Information Assurance Implementation
• C. DoDI 5200.40
• D. DoD 8510.1-M DITSCAP

Answer: B

NEW QUESTION 3
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed

• A. Level 4
• B. Level 5
• C. Level 1
• D. Level 2
• E. Level 3

Answer: A

NEW QUESTION 4
What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process Each correct answer represents a complete solution. Choose all that apply.

• A. Develop DIACAP strategy.
• B. Initiate IA implementation plan.
• C. Conduct validation activity.
• D. Assemble DIACAP team.
• E. Register system with DoD Component IA Program.
• F. Assign IA controls.

Answer: ABDEF

NEW QUESTION 5
What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.

• A. Basic System Review
• B. Basic Security Review
• C. Maximum Analysis
• D. Comprehensive Analysis
• E. Detailed Analysis
• F. Minimum Analysis

Answer: BDEF

NEW QUESTION 6
Which of the following individuals is responsible for monitoring the information system
environment for factors that can negatively impact the security of the system and its accreditation

• A. Chief Information Officer
• B. Chief Information Security Officer
• C. Chief Risk Officer
• D. Information System Owner

Answer: D

NEW QUESTION 7
Which of the following processes describes the elements such as quantity, quality, coverage, timelines, and availability, and categorizes the different functions that the system will need to perform in order to gather the documented missionbusiness needs

• A. Functional requirements
• B. Operational scenarios
• C. Human factors
• D. Performance requirements

Answer: A

NEW QUESTION 8
Certification and Accreditation (C&A or CnA) is a process for implementing information security. Which of the following is the correct order of C&A phases in a DITSCAP assessment

• A. Definition, Validation, Verification, and Post Accreditation
• B. Verification, Definition, Validation, and Post Accreditation
• C. Verification, Validation, Definition, and Post Accreditation
• D. Definition, Verification, Validation, and Post Accreditation

Answer: D

NEW QUESTION 9
Which of the following protocols is built in the Web server and browser to encrypt data traveling over the Internet

• A. UDP
• B. SSL
• C. IPSec
• D. HTTP

Answer: B

NEW QUESTION 10
Which of the following configuration management system processes keeps track of the changes so that the latest acceptable configuration specifications are readily available

• A. Configuration Identification
• B. Configuration Verification and Audit
• C. Configuration Status and Accounting
• D. Configuration Control

Answer: C

NEW QUESTION 11
DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability

• A. MAC I
• B. MAC II
• C. MAC IV
• D. MAC III

Answer: D

NEW QUESTION 12
Which of the following types of CNSS issuances establishes or describes policy and
programs, provides authority, or assigns responsibilities

• A. Instructions
• B. Directives
• C. Policies
• D. Advisory memoranda

Answer: B

NEW QUESTION 13
You work as a system engineer for BlueWell Inc. Which of the following documents will help you to describe the detailed plans, procedures, and schedules to guide the transition process

• A. Configuration management plan
• B. Transition plan
• C. Systems engineering management plan (SEMP)
• D. Acquisition plan

Answer: B

NEW QUESTION 14
Fill in the blank with an appropriate phrase. seeks to improve the quality of process outputs by identifying and removing the causes of defects and variability in manufacturing and business processes.

• A. Six Sigma

Answer: A

NEW QUESTION 15
Which of the following memorandums directs the Departments and Agencies to post clear privacy policies on World Wide Web sites, and provides guidance for doing it

• A. OMB M-99-18
• B. OMB M-00-13
• C. OMB M-03-19
• D. OMB M-00-07

Answer: A

NEW QUESTION 16
Which of the following assessment methodologies defines a six-step technical security evaluation

• A. FITSAF
• B. OCTAVE
• C. FIPS 102
• D. DITSCAP

Answer: C

NEW QUESTION 17
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice

• A. PGP
• B. SMIME
• C. DES
• D. Blowfish

Answer: B

NEW QUESTION 18
Which of the following federal agencies has the objective to develop and promote measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life

• A. National Institute of Standards and Technology (NIST)
• B. National Security Agency (NSA)
• C. Committee on National Security Systems (CNSS)
• D. United States Congress

Answer: A