- All Exams Instant Download
Which of the following documents will you use as a guide for the security certification and accreditation of Federal Information Systems?
You work as a security engineer for BlueWell Inc. Which of the following documents will you use as a guide for the security certification and accreditation of Federal Information Systems?A . NIST Special Publication 800-59B . NIST Special Publication 800-37C . NIST Special Publication 800-60D . NIST Special Publication 800-53View...
Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management
Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk managementA . Computer Misuse ActB . Clinger-Cohen ActC . ISGD . Lanham ActView AnswerAnswer: C
Which of the following phases of DITSCAP includes the activities that are necessary for the continuing operation of an accredited IT system in its computing environment and for addressing the changing threats that a system faces throughout its life cycle
Which of the following phases of DITSCAP includes the activities that are necessary for the continuing operation of an accredited IT system in its computing environment and for addressing the changing threats that a system faces throughout its life cycleA . Phase 1, DefinitionB . Phase 3, ValidationC . Phase...
Which of the following elements are described by the functional requirements task Each correct answer represents a complete solution. Choose all that apply.
Which of the following elements are described by the functional requirements task Each correct answer represents a complete solution. Choose all that apply.A . CoverageB . AccuracyC . QualityD . QuantityView AnswerAnswer: DCA
Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one
Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which oneA...
Which of the following DoD policies provides assistance on how to implement policy, assign responsibilities, and prescribe procedures for applying integrated, layered protection of the DoD information systems and networks
Which of the following DoD policies provides assistance on how to implement policy, assign responsibilities, and prescribe procedures for applying integrated, layered protection of the DoD information systems and networksA . DoD 8500.1 Information Assurance (IA)B . DoDI 5200.40C . DoD 8510.1-M DITSCAPD . DoD 8500.2 Information Assurance ImplementationView AnswerAnswer:...
Which of the following email lists is written for the technical audiences, and provides weekly summaries of security issues, new vulnerabilities, potential impact, patches and workarounds, as well as the actions recommended to mitigate risk
Which of the following email lists is written for the technical audiences, and provides weekly summaries of security issues, new vulnerabilities, potential impact, patches and workarounds, as well as the actions recommended to mitigate riskA . Cyber Security TipB . Cyber Security AlertC . Cyber Security BulletinD . Technical Cyber...
Which of the following processes illustrate the study of a technical nature of interest to focused audience, and consist of interim or final reports on work made by NIST for external sponsors, including government and non-government sponsors
Which of the following processes illustrate the study of a technical nature of interest to focused audience, and consist of interim or final reports on work made by NIST for external sponsors, including government and non-government sponsorsA . Federal Information Processing Standards (FIPS)B . Special Publication (SP)C . NISTIRs (Internal...
Which of the following are the most important activities in the Total Quality Management Each correct answer represents a complete solution?
TQM recognizes that quality of all the processes within an organization contribute to the quality of the product. Which of the following are the most important activities in the Total Quality Management Each correct answer represents a complete solution? Choose all that apply.A . Quality renewalB . Maintenance of qualityC...
Which of the following statements is true about residual risks
Which of the following statements is true about residual risksA . It can be considered as an indicator of threats coupled with vulnerability.B . It is a weakness or lack of safeguard that can be exploited by a threat.C . It is the probabilistic risk after implementing all security measures.D...
