System meets all control requirements
Software Development Life Cycle (SDLC) is a logical process used by programmers to develop
software. Which of the following SDLC phases meets the audit objectives defined below: System
and data are validated. System meets all user requirements. System meets all control
requirements.
Which of the following features do these tools have?
The build environment of secure coding consists of some tools that actively support secure
specification, design, and implementation. Which of the following features do these tools have?
Each correct answer represents a complete solution. Choose all that apply.
What are the security advantages of virtualization, as described in the NIST Information Security and Privacy
What are the security advantages of virtualization, as described in the NIST Information Security
and Privacy Advisory Board (ISPAB) paper “Perspectives on Cloud Computing and Standards”?
Each correct answer represents a complete solution. Choose three.
Which of the following persons in an organization is responsible for rejecting or accepting the residual risk
Which of the following persons in an organization is responsible for rejecting or accepting the
residual risk for a system?
Which of the following requires all general support systems and major applications to be fully certified…
Which of the following requires all general support systems and major applications to be fully
certified and accredited before these systems and applications are put into production? Each
correct answer represents a part of the solution. Choose all that apply.
What phases are identified by DIACAP?
DIACAP applies to the acquisition, operation, and sustainment of any DoD system that collects,
stores, transmits, or processes unclassified or classified information since December 1997. What
phases are identified by DIACAP? Each correct answer represents a complete solution. Choose
all that apply.
Which of the following are the goals of risk management?
Which of the following are the goals of risk management? Each correct answer represents a
complete solution. Choose three.
Which of the following NIST SP 800-53A interviews consists of informal and ad hoc interviews?
NIST SP 800-53A defines three types of interview depending on the level of assessment
conducted. Which of the following NIST SP 800-53A interviews consists of informal and ad hoc
interviews?
Which of the following are the principle duties performed by the BIOS during POST (power-on-self-test)?
Which of the following are the principle duties performed by the BIOS during POST (power-on-self-test)? Each correct answer represents a part of the solution. Choose all that apply.
which of the following architecture styles does a device receive input from connectors and generate transform
In which of the following architecture styles does a device receive input from connectors and
generate transformed outputs?