CISSP-ISSEP : Information Systems Security Engineering Professional : Part 11
-
You work as a Network Administrator for PassGuide Inc. You need to secure web services of your company in order to have secure transactions. Which of the following will you recommend for providing security
- HTTP
- VPN
- SMIME
- SSL
-
Which of the following tasks prepares the technical management plan in planning the technical effort
- Task 10
- Task 9
- Task 7
- Task 8
-
Which of the following acts promote a risk-based policy for cost effective security Each correct answer represents a part of the solution. Choose all that apply.
- Clinger-Cohen Act
- Lanham Act
- Paperwork Reduction Act (PRA)
- Computer Misuse Act
-
SIMULATION
Fill in the blank with the appropriate phrase. __________ provides instructions and directions for completing the Systems Security Authorization Agreement (SSAA).
DoDI 5200.40
-
Stella works as a system engineer for BlueWell Inc. She wants to identify the performance thresholds of each build. Which of the following tests will help Stella to achieve her task
- Regression test
- Reliability test
- Functional test
- Performance test
-
Which of the following Registration Tasks sets up the system architecture description, and describes the C&A boundary
- Registration Task 3
- Registration Task 4
- Registration Task 2
- Registration Task 1
-
Which of the following NIST Special Publication documents provides a guideline on network security testing
- NIST SP 800-60
- NIST SP 800-37
- NIST SP 800-59
- NIST SP 800-42
- NIST SP 800-53A
- NIST SP 800-53
-
Which of the following approaches can be used to build a security program Each correct answer represents a complete solution. Choose all that apply.
- Right-Up Approach
- Left-Up Approach
- Bottom-Up Approach
- Top-Down Approach
-
Which of the following configuration management system processes keeps track of the changes so that the latest acceptable configuration specifications are readily available
- Configuration Identification
- Configuration Verification and Audit
- Configuration Status and Accounting
- Configuration Control
-
SIMULATION
For interactive and self-paced preparation of exam ISSEP, try our practice exams.
Practice exams also include self assessment and reporting features!
Fill in the blank with an appropriate word. _______ has the goal to securely interconnect people and systems independent of time or location.Netcentric
-
The Information System Security Officer (ISSO) and Information System Security Engineer (ISSE) play the role of a supporter and advisor, respectively. Which of the following statements are true about ISSO and ISSE Each correct answer represents a complete solution. Choose all that apply.
- An ISSE manages the security of the information system that is slated for Certification & Accreditation (C&A).
- An ISSE provides advice on the impacts of system changes.
- An ISSE provides advice on the continuous monitoring of the information system.
- An ISSO manages the security of the information system that is slated for Certification & Accreditation (C&A).
- An ISSO takes part in the development activities that are required to implement system changes.
-
Which of the following responsibilities are executed by the federal program manager
- Ensure justification of expenditures and investment in systems engineering activities.
- Coordinate activities to obtain funding.
- Review project deliverables.
- Review and approve project plans.
-
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using
- Risk acceptance
- Risk mitigation
- Risk avoidance
- Risk transfer
-
Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems
- SSAA
- FITSAF
- FIPS
- TCSEC
Subscribe
0 Comments
Newest