
Pass the ISC ISSEP Questions and answers with ValidTests


Viewing page 6 out of 7 pages
Viewing questions 51-60 out of questions
Questions # 51:

Which of the following certification levels requires the completion of the minimum security checklist, where the system user or an independent certifier can complete the checklist?

Options:

A. CL 2

B. CL 3

C. CL 1

D. CL 4

Questions # 52:

A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Regulatory

B. Advisory

C. Systematic

D. Informative

Questions # 53:

The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. Which of the following participants are required in a NIACAP security assessment? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Information Assurance Manager

B. Designated Approving Authority

C. Certification agent

D. IS program manager

E. User representative

Questions # 54:

Choose and reorder the tasks performed in the Plan the Effort process.

Options:

A.
Questions # 55:

Phase 3 of the Risk Management Framework (RMF) process is known as mitigation planning. Which of the following processes take place in phase 3? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Agree on a strategy to mitigate risks.

B. Evaluate mitigation progress and plan next assessment.

C. Identify threats, vulnerabilities, and controls that will be evaluated.

D. Document and implement a mitigation plan.

Questions # 56:

Risk transference refers to the transfer of risks to a third party, usually for a fee; it creates a contractual relationship for the third party to manage the risk on behalf of the performing organization. Which one of the following is NOT an example of the transference risk response?

Options:

A. Warranties

B. Performance bonds

C. Use of insurance

D. Life cycle costing

Questions # 57:

Which of the following areas of an information system, as separated by the Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy?

Options:

A. Networks and Infrastructures

B. Supporting Infrastructures

C. Enclave Boundaries

D. Local Computing Environments

Questions # 58:

You work as a security manager for BlueWell Inc. You are going through the NIST SP 800-37 C&A methodology, which is based on four well-defined phases. In which of the following phases of the NIST SP 800-37 C&A methodology does the security categorization occur?

Options:

A. Continuous Monitoring

B. Initiation

C. Security Certification

D. Security Accreditation

Questions # 59:

Which of the following DoD policies establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels?

Options:

A. DoD 8500.1 Information Assurance (IA)

B. DoD 8500.2 Information Assurance Implementation

C. DoDI 5200.40

D. DoD 8510.1-M DITSCAP

Questions # 60:

Which of the following protocols is used to establish a secure terminal to a remote network device?

Options:

A. WEP

B. SMTP

C. SSH

D. IPSec
