- All Exams Instant Download
Which of the following objectives are defined by integrity in the C.I.A triad of information security systems? Each correct answer represents a part of the solution. Choose three.
Which of the following objectives are defined by integrity in the C.I.A triad of information security systems? Each correct answer represents a part of the solution. Choose three.A . It preserves the internal and external consistency of information.B . It prevents the unauthorized or unintentional modification of information by the...
Which one of the following is NOT a probable reason for relying on organizational process assets as an input for qualitative risk analysis?
You are preparing to start the qualitative risk analysis process for your project. You will be relying on some organizational process assets to influence the process. Which one of the following is NOT a probable reason for relying on organizational process assets as an input for qualitative risk analysis?A ....
What are the process activities of this phase?
The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this phase? Each correct answer represents a complete solution. Choose all that apply.A . Configuring refinement of...
Which of the following processes take place in phase 3?
The phase 3 of the Risk Management Framework (RMF) process is known as mitigation planning. Which of the following processes take place in phase 3? Each correct answer represents a complete solution. Choose all that apply.A . Identify threats, vulnerabilities, and controls that will be evaluated.B . Document and implement...
Where can a project manager find risk-rating rules?
Where can a project manager find risk-rating rules?A . Risk probability and impact matrixB . Organizational process assetsC . Enterprise environmental factorsD . Risk management planView AnswerAnswer: B
What positive risk response has happened in this instance?
Eric is the project manager of the MTC project for his company. In this project a vendor has offered Eric a sizeable discount on all hardware if his order total for the project is more than $125,000. Right now, Eric is likely to spend $118,000 with vendor. If Eric spends...
What are the different phases of System Authorization Plan?
System Authorization is the risk management process. System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process. What are the different phases of System Authorization Plan? Each correct answer represents a part of the solution. Choose all that apply.A . Pre-certificationB . CertificationC . Post-certificationD...
What is the only output of the quantitative risk analysis process?
You are the project manager of the NKQ project for your organization. You have completed the quantitative risk analysis process for this portion of the project. What is the only output of the quantitative risk analysis process?A . Probability of reaching project objectivesB . Risk contingency reserveC . Risk responseD...
Which of the following NIST Special Publication documents provides a guideline on network security testing?
Which of the following NIST Special Publication documents provides a guideline on network security testing?A . NIST SP 800-60B . NIST SP 800-53AC . NIST SP 800-37D . NIST SP 800-42E . NIST SP 800-59F . NIST SP 800-53View AnswerAnswer: D
What should you, the project manager, do with assessment of identified risks in consideration of the attitude and bias of the participants towards the project risk?
You work as a project manager for BlueWell Inc. You are currently working with the project stakeholders to identify risks in your project. You understand that the qualitative risk assessment and analysis can reflect the attitude of the project team and other stakeholders to risk. Effective assessment of risk requires...
