Which of the following are the accreditation determinations issued by the DAA?
The IAM/CA makes certification accreditation recommendations to the DAA. The DAA issues accreditation determinations. Which of the following are the accreditation determinations issued by the DAA?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following governance bodies provides management, operational and technical controls to satisfy se
Which of the following governance bodies provides management, operational and technical controls to satisfy security requirements?
Which of the following concepts represent the three fundamental principles of information security?
Which of the following concepts represent the three fundamental principles of information security?
Each correct answer represents a complete solution. Choose three.
Authorizing Official?
An Authorizing Official plays the role of an approver. What are the responsibilities of an
Authorizing Official?
Each correct answer represents a complete solution. Choose all that apply.
According to this criteria, which of the following controls consists of incident response processes, managemen
To help review or design security controls, they can be classified by several criteria. One of these criteria is based on nature. According to this criteria, which of the following controls consists of incident response processes, management oversight, security awareness, and training?
Which of the following are the common roles with regard to data in an information classification program?
Which of the following are the common roles with regard to data in an information classification program?
Each correct answer represents a complete solution. Choose all that apply.
Which one of the following is NOT an accomplishment of the qualitative risk analysis process?
You are the project manager of the GHQ project for your company. You are working you’re your project team to prepare for the qualitative risk analysis process. Mary, a project team member, does not understand why you need to complete qualitative risks analysis. You explain to Mary that qualitative risks analysis helps you determine which risks needs additional analysis. There are also some other benefits that qualitative risks analysis can do for the project. Which one of the following is NOT an accomplishment of the qualitative risk analysis process?
What are the process activities of this phase?
The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this phase?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following are included in Administrative Controls?
Which of the following are included in Administrative Controls?
Each correct answer represents a complete solution. Choose all that apply.
What type of risk response is Sam using?
Sam is the project manager of a construction project in south Florida. This area of the United
States is prone to hurricanes during certain parts of the year. As part of the project plan Sam and the project team acknowledge the possibility of hurricanes and the damage the hurricane could have on the project’s deliverables, the schedule of the project, and the overall cost of the project.
Once Sam and the project stakeholders acknowledge the risk of the hurricane they go on planning the project as if the risk is not likely to happen. What type of risk response is Sam using?