DIACAP applies to the acquisition, operation, and sustainment of any DoD system that collects,
stores, transmits, or processes unclassified or classified information since December 1997. What
phases are identified by DIACAP? Each correct answer represents a complete solution. Choose
all that apply.

Management has asked you to perform a risk audit and report back on the results. Bonny, a
project team member asks you what a risk audit is. What do you tell Bonny?

Which of the following steps are generally followed in computer forensic examinations? Each
correct answer represents a complete solution. Choose three.

Which of the following methods can be helpful to eliminate social engineering threat? Each correct
answer represents a complete solution. Choose three.

You work as a security manager for SoftTech Inc. You are conducting a security awareness
campaign for your employees. Which of the following ideas will you consider the best when

conducting a security awareness campaign?

Which of the following ‘Code of Ethics Canons’ of the ‘(ISC)2 Code of Ethics’ states to act
honorably, honestly, justly, responsibly and legally?

Which of the following rated systems of the Orange book has mandatory protection of the TCB?

Which of the following SDLC phases consists of the given security controls. Misuse Case
Modeling Security Design and Architecture Review Threat and Risk Modeling Security
Requirements and Test Cases Generation

Which of the following liabilities is a third-party liability in which an individual may be responsible
for an action by another party?

Which of the following measurements of an enterprise’s security state is the process whereby an
organization establishes the parameters within which programs, investments, and acquisitions
reach the desired results?