ISSEP Information Systems Security Engineering Professional v6.0

Page:    1 / 15   
Exam contains 213 questions

What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.

  • A. Develop DIACAP strategy.
  • B. Initiate IA implementation plan.
  • C. Conduct validation activity.
  • D. Assemble DIACAP team.
  • E. Register system with DoD Component IA Program.
  • F. Assign IA controls.


Answer : A,B,D,E,F

You work as a security engineer for BlueWell Inc. Which of the following documents will you use as a guide for the security certification and accreditation of Federal Information Systems?

  • A. NIST Special Publication 800-59
  • B. NIST Special Publication 800-37
  • C. NIST Special Publication 800-60
  • D. NIST Special Publication 800-53


Answer : B

Which of the following documents is described in the statement below? "It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning."

  • A. Risk management plan
  • B. Project charter
  • C. Quality management plan
  • D. Risk register


Answer : D

Diane is the project manager of the HGF Project. A risk that has been identified and analyzed in the project planning processes is now coming to fruition. What individual should respond to the risk with the preplanned risk response?

  • A. Project sponsor
  • B. Risk owner
  • C. Diane
  • D. Subject matter expert


Answer : B

Which of the following refers to a process that is used for implementing information security?

  • A. Classic information security model
  • B. Certification and Accreditation (C&A)
  • C. Information Assurance (IA)
  • D. Five Pillars model


Answer : B

In which of the following phases of the interconnection life cycle, as defined by NIST SP 800-47, do the organizations build and execute a plan for establishing the interconnection, including executing or configuring appropriate security controls?

  • A. Establishing the interconnection
  • B. Planning the interconnection
  • C. Disconnecting the interconnection
  • D. Maintaining the interconnection


Answer : A

Which of the following tools demands involvement by upper executives in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators?

  • A. ISO 9001:2000
  • B. Benchmarking
  • C. SEI-CMM
  • D. Six Sigma


Answer : A

Which of the following documents contains the threats to the information management, and the security services and controls required to counter those threats?

  • A. System Security Context
  • B. Information Protection Policy (IPP)
  • C. CONOPS
  • D. IMM


Answer : B

Which of the following statements define the role of the ISSEP during the development of the detailed security design, as mentioned in the IATF document? Each correct answer represents a complete solution. Choose all that apply.

  • A. It identifies the information protection problems that need to be solved.
  • B. It allocates security mechanisms to system security design elements.
  • C. It identifies custom security products.
  • D. It identifies candidate commercial off-the-shelf (COTS)/government off-the-shelf (GOTS) security products.


Answer : B,C,D

Which of the following individuals is responsible for the oversight of a program that is supported by a team of people that consists of, or is exclusively comprised of, contractors?

  • A. Quality Assurance Manager
  • B. Senior Analyst
  • C. System Owner
  • D. Federal program manager


Answer : D

Which of the following agencies serves the DoD community as the largest central resource for DoD and government-funded scientific, technical, engineering, and business-related information available today?

  • A. DISA
  • B. DIAP
  • C. DTIC
  • D. DARPA


Answer : C

You work as a system engineer for BlueWell Inc. You want to verify that the build meets its data requirements and correctly generates each expected display and report. Which of the following tests will help you to perform the above task?

  • A. Functional test
  • B. Reliability test
  • C. Performance test
  • D. Regression test


Answer : A

You work as a system engineer for BlueWell Inc. Which of the following documents will help you to describe the detailed plans, procedures, and schedules to guide the transition process?

  • A. Configuration management plan
  • B. Transition plan
  • C. Systems engineering management plan (SEMP)
  • D. Acquisition plan


Answer : B

Which of the following policies describes the national policy on the secure electronic messaging service?

  • A. NSTISSP No. 11
  • B. NSTISSP No. 7
  • C. NSTISSP No. 6
  • D. NSTISSP No. 101


Answer : B

Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management?

  • A. Computer Misuse Act
  • B. Clinger-Cohen Act
  • C. ISG
  • D. Lanham Act


Answer : C
