You are the program manager for your project. You are working with the project managers
regarding the procurement processes for their projects. You have ruled out one particular
contract type because it is considered too risky for the program. Which one of the following
contract types is usually considered to be the most dangerous for the buyer?

Which of the following NIST documents provides a guideline for identifying an information
system as a National Security System?

You are the project manager of the GHY project for your organization. You are working with
your project team to begin identifying risks for the project. As part of your preparation for
identifying the risks within the project you will need eleven inputs for the process. Which one
of the following is NOT an input to the risk identification process?

There are seven risks responses that a project manager can choose from. Which risk
response is appropriate for both positive and negative risk events?

What course of action can be taken by a party if the current negotiations fail and an
agreement cannot be reached?

Which of the following is the acronym of RTM?

Thomas is the project manager of the NHJ Project for his company. He has identified
several positive risk events within his project and he thinks these events can save the
project time and money. Positive risk events, such as these within the NHJ Project are also
known as what?

You are the project manager of the GGG project. You have completed the risk identification
process for the initial phases of your project. As you begin to document the risk events in
the risk register what additional information can you associate with the identified risk
events?

Which of the following are the tasks performed by the owner in the information classification
schemes? Each correct answer represents a part of the solution. Choose three.

Which of the following approaches can be used to build a security program? Each correct
answer represents a complete solution. Choose all that apply.