CISSP-ISSMP

Which of the following roles is used to ensure that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?A . The Service Level ManagerB . The Configuration ManagerC . The IT Security ManagerD . The Change ManagerView AnswerAnswer: C

Change Management is used to ensure that standardized methods and procedures are used for efficient handling of all changes. Who decides the category of a change?A . The Problem ManagerB . The Process ManagerC . The Change ManagerD . The Service DeskE . The Change Advisory BoardView AnswerAnswer: C

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?A . Business continuity planB . Disaster recovery planC . Continuity of Operations PlanD . Contingency planView AnswerAnswer: D

What component of the change management system is responsible for evaluating, testing, and documenting changes created to the project scope?A . Scope VerificationB . Project Management Information SystemC . Integrated Change ControlD . Configuration Management SystemView AnswerAnswer: D

The goal of Change Management is to ensure that standardized methods and procedures are used for efficient handling of all changes. Which of the following are Change Management terminologies? Each correct answer represents a part of the solution. Choose three.A . Request for ChangeB . Service Request ManagementC . ChangeD...

Which of the following characteristics are described by the DIAP Information Readiness Assessment function? Each correct answer represents a complete solution. Choose all that apply.A . It performs vulnerability/threat analysis assessment.B . It identifies and generates IA requirements.C . It provides data needed to accurately assess IA readiness.D . It...

Which of the following contract types is described in the statement below? "This contract type provides no incentive for the contractor to control costs and hence is rarely utilized."A . Cost Plus Fixed FeeB . Cost Plus Percentage of CostC . Cost Plus Incentive FeeD . Cost Plus Award FeeView...

Which of the following response teams aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large?A . CSIRTB . CERTC . FIRSTD . FedCIRCView AnswerAnswer: C

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?A . SSAAB . FITSAFC . FIPSD . TCSECView AnswerAnswer: A

Which of the following analysis provides a foundation for measuring investment of time, money and human resources required to achieve a particular outcome?A . Vulnerability analysisB . Cost-benefit analysisC . Gap analysisD . Requirement analysisView AnswerAnswer: C