Which risk response is appropriate for both positive and negative risk events?
There are seven risks responses that a project manager can choose from. Which risk response is
appropriate for both positive and negative risk events?
What will you do to accomplish the task?
You work as a Security Manager for Tech Perfect Inc. In the organization, Syslog is used for
computer system management and security auditing, as well as for generalized informational,
analysis, and debugging messages. You want to prevent a denial of service (DoS) for the Syslog
server and the loss of Syslog messages from other sources. What will you do to accomplish the
task?
Which of the following procedures of the configuration management will you follow to accomplish the task?
You work as a project manager for a company. The company has started a new security software
project. The software configuration management will be used throughout the lifecycle of the
project. You are tasked to modify the functional features and the basic logic of the software and
then make them compatible to the initial design of the project. Which of the following procedures of
the configuration management will you follow to accomplish the task?
Which of the following areas of information system, as separated by Information Assurance Framework, is a coll
Which of the following areas of information system, as separated by Information Assurance
Framework, is a collection of local computing devices, regardless of physical location, that are
interconnected via local area networks (LANs) and governed by a single security policy?
Which of the following is a signature-based intrusion detection system (IDS) ?
Which of the following is a signature-based intrusion detection system (IDS) ?
Which of the following statements about the availability concept of Information security management is true?
Which of the following statements about the availability concept of Information security
management is true?
Which of the following are required to be addressed in a well designed policy?
A security policy is an overall general statement produced by senior management that dictates
what role security plays within the organization. Which of the following are required to be
addressed in a well designed policy? Each correct answer represents a part of the solution.
Choose all that apply.
What are the process activities of this phase?
The Phase 4 of DITSCAP C&A is known as Post Accreditation. This phase starts after the system
has been accredited in Phase 3. What are the process activities of this phase? Each correct
answer represents a complete solution. Choose all that apply.
Which of the following documents will you use as a guide for the security certification and accreditation of F
You work as a security engineer for BlueWell Inc. Which of the following documents will you use
as a guide for the security certification and accreditation of Federal Information Systems?
Which of the following is an example of over-the-air (OTA) provisioning in digital rights management?
Which of the following is an example of over-the-air (OTA) provisioning in digital rights
management?