CISSP-ISSEPPreview

Which of the following is a type of security management for computers and networks in order to identify security breaches

SIMULATION -
For interactive and self-paced preparation of exam ISSEP, try our practice exams.
Practice exams also include self assessment and reporting features!
Fill in the blank with an appropriate word. _______ has the goal to securely interconnect people and systems independent of time or location.

Which of the following Registration Tasks notifies the DAA, Certifier, and User Representative that the system requires C&A Support

Which of the following Security Control Assessment Tasks gathers the documentation and supporting materials essential for the assessment of the security controls in the information system

Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter

Which of the following federal laws is designed to protect computer data from theft

Which of the following professionals is responsible for starting the Certification & Accreditation (C&A) process

Which of the following security controls is a set of layered security services that address communications and data security problems in the emerging Internet and intranet application space

Which of the following protocols is used to establish a secure terminal to a remote network device

Which of the following elements of Registration task 4 defines the system's external interfaces as well as the purpose of each external interface, and the relationship between the interface and the system

DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires basic integrity and availability

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one

Which of the following guidelines is recommended for engineering, protecting, managing, processing, and controlling national security and sensitive (although unclassified) information

Which of the following professionals plays the role of a monitor and takes part in the organization's configuration management process

Which of the following processes culminates in an agreement between key players that a system in its current configuration and operation provides adequate protection controls

The Phase 4 of DITSCAP C&A is known as Post Accreditation. This phase starts after the system has been accredited in Phase 3. What are the process activities of this phase Each correct answer represents a complete solution. Choose all that apply.

Which of the following email lists is written for the technical audiences, and provides weekly summaries of security issues, new vulnerabilities, potential impact, patches and workarounds, as well as the actions recommended to mitigate risk

Which of the following tasks obtains the customer agreement in planning the technical effort

Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A) Each correct answer represents a complete solution.
Choose all that apply.

Which of the following elements are described by the functional requirements task Each correct answer represents a complete solution. Choose all that apply.

Which of the following documents is defined as a source document, which is most useful for the ISSE when classifying the needed security functionality

What are the responsibilities of a system owner Each correct answer represents a complete solution. Choose all that apply.

Which of the following Registration Tasks sets up the business or operational functional description and system identification

SIMULATION -
Fill in the blank with an appropriate section name. _________________ is a section of the SEMP template, which specifies the methods and reasoning planned to build the requisite trade-offs between functionality, performance, cost, and risk.