Which of the following is NOT a responsibility of a data owner?

Which of the following is NOT an objective of the security program?

Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A)?

Each correct answer represents a complete solution. Choose all that apply.

ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following recovery plans includes specific strategies and actions to deal with specific

variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?

You work as a project manager for BlueWell Inc. Your project is running late and you must respond to the risk. Which risk response can you choose that will also cause you to update the human resource management plan?

Which of the following documents is described in the statement below?

“It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.”

Which of the following are the goals of risk management?

Each correct answer represents a complete solution. Choose three.

The Project Risk Management knowledge area focuses on which of the following processes?

Each correct answer represents a complete solution. Choose all that apply.