ISC ISSEP Dumps

Which of the following DITSCAPNIACAP model phases is used to show the required evidence to support the DAA in accreditation process and conclude in an Approval To Operate (ATO)

Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event

Which of the following documents is defined as a source document, which is most useful for the ISSE when classifying the needed security functionality

Which of the following organizations incorporates building secure audio and video communications equipment, making tamper protection products, and providing trusted microelectronics solutions

Which of the following terms describes the measures that protect and support information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation

Which of the following tasks prepares the technical management plan in planning the technical effort

Which of the following individuals is responsible for monitoring the information system environment for factors that can negatively impact the security of the system and its accreditation

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting classified information

Fill in the blanks with an appropriate phrase. A ________ is an approved build of the product, and can be a single component or a combination of components.

In which of the following phases of the interconnection life cycle as defined by NIST SP 800-47, do the organizations build and execute a plan for establishing the interconnection, including executing or configuring appropriate security controls

Which of the following memorandums reminds the Federal agencies that it is required by law and policy to establish clear privacy policies for Web activities and to comply with those policies

Which of the following acts is used to recognize the importance of information security to the economic and national security interests of the United States

Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the U.S. Federal Government information security standards Each correct answer represents a complete solution. Choose all that apply.

Fill in the blank with an appropriate phrase. The ______________ process is used for allocating performance and designing the requirements to each function.

Which of the following organizations incorporates building secure audio and video communications equipment, making tamper protection products, and providing trusted microelectronics solutions

Which of the CNSS policies describes the national policy on certification and accreditation of national security telecommunications and information systems

Which of the following individuals reviews and approves project deliverables from a QA perspective

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support

Which of the following cooperative programs carried out by NIST provides a nationwide network of local centers offering technical and business assistance to small manufacturers

Which of the following security controls will you use for the deployment phase of the SDLC to build secure software Each correct answer represents a complete solution. Choose all that apply.

Which of the following processes provides guidance to the system designers and form the basis of major events in the acquisition phases, such as testing the products for system integration

Which of the following firewall types operates at the Network layer of the OSI model and can filter data by port, interface address, source address, and destination address

Which of the following statements is true about residual risks

Which of the following cooperative programs carried out by NIST encourages performance excellence among U.S. manufacturers, service companies, educational institutions, and healthcare providers

Which of the following are the benefits of SE as stated by MIL-STD-499B Each correct answer represents a complete solution. Choose all that apply.

Which of the following processes illustrate the study of a technical nature of interest to focused audience, and consist of interim or final reports on work made by NIST for external sponsors, including government and non-government sponsors

Which of the following characteristics are described by the DIAP Information Readiness Assessment function Each correct answer represents a complete solution. Choose all that apply.

Which of the following memorandums reminds the departments and agencies of the OMB principles for including and funding security as an element of agency information technology systems and architectures and of the decision criteria which is used to evaluate security for information systems investments

You work as a security engineer for BlueWell Inc. Which of the following documents will you use as a guide for the security certification and accreditation of Federal Information Systems

Which of the following certification levels requires the completion of the minimum security checklist and more in-depth, independent analysis

What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.

There are seven risk responses for any project. Which one of the following is a valid risk response for a negative risk event