According to this criteria, which of the following controls consists of incident response processes, managemen
To help review or design security controls, they can be classified by several criteria. One of these criteria is based on nature. According to this criteria, which of the following controls consists of incident response processes, management oversight, security awareness, and training?
Which of the following are the common roles with regard to data in an information classification program?
Which of the following are the common roles with regard to data in an information classification program?
Each correct answer represents a complete solution. Choose all that apply.
Which one of the following is NOT an accomplishment of the qualitative risk analysis process?
You are the project manager of the GHQ project for your company. You are working you’re your project team to prepare for the qualitative risk analysis process. Mary, a project team member, does not understand why you need to complete qualitative risks analysis. You explain to Mary that qualitative risks analysis helps you determine which risks needs additional analysis. There are also some other benefits that qualitative risks analysis can do for the project. Which one of the following is NOT an accomplishment of the qualitative risk analysis process?
What are the process activities of this phase?
The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this phase?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following are included in Administrative Controls?
Which of the following are included in Administrative Controls?
Each correct answer represents a complete solution. Choose all that apply.
What type of risk response is Sam using?
Sam is the project manager of a construction project in south Florida. This area of the United
States is prone to hurricanes during certain parts of the year. As part of the project plan Sam and the project team acknowledge the possibility of hurricanes and the damage the hurricane could have on the project’s deliverables, the schedule of the project, and the overall cost of the project.
Once Sam and the project stakeholders acknowledge the risk of the hurricane they go on planning the project as if the risk is not likely to happen. What type of risk response is Sam using?
How often should you and the project team do risk identification?
You and your project team are just starting the risk identification activities for a project that is scheduled to last for 18 months. Your project team has already identified a long list of risks that need to be analyzed. How often should you and the project team do risk identification?
A triad of information security systems?
Which of the following objectives are defined by integrity in the C.I.A triad of information security systems?
Each correct answer represents a part of the solution. Choose three.
Which of the following are included in Physical Controls?
Which of the following are included in Physical Controls?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following RMF phases is known as risk analysis?
Which of the following RMF phases is known as risk analysis?