CSSLP

What component of the change management system is responsible for evaluating, testing, and documenting changes created to the project scope?A . Project Management Information SystemB . Integrated Change ControlC . Configuration Management SystemD . Scope VerificationView AnswerAnswer: C Explanation: The change management system is comprised of several components that guide...

You are the project manager for GHY Project and are working to create a risk response for a negative risk. You and the project team have identified the risk that the project may not complete on time, as required by the management, due to the creation of the user guide...

The LeGrand Vulnerability-Oriented Risk Management method is based on vulnerability analysis and consists of four principle steps. Which of the following processes does the risk assessment step include? Each correct answer represents a part of the solution. Choose all that apply.A . Remediation of a particular vulnerabilityB . Cost-benefit examination...

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?A . Level 2B . Level 3C . Level 5D . Level 1E . Level 4View...

Bill is the project manager of the JKH Project. He and the project team have identified a risk event in the project with a high probability of occurrence and the risk event has a high cost impact on the project. Bill discusses the risk event with Virginia, the primary project...

Which of the following types of redundancy prevents attacks in which an attacker can get physical control of a machine, insert unauthorized software, and alter data?A . Data redundancyB . Hardware redundancyC . Process redundancyD . Application redundancyView AnswerAnswer: C Explanation: Process redundancy permits software to run simultaneously on multiple...

What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.A . Initiate IA implementation planB . Develop DIACAP strategyC . Assign IA controls.D . Assemble DIACAP teamE . Register system with DoD...

Which of the following methods determines the principle name of the current user and returns the jav a.security.Principal object in the HttpServletRequest interface?A . getUserPrincipal()B . isUserInRole()C . getRemoteUser()D . getCallerPrincipal()View AnswerAnswer: A Explanation: The getUserPrincipal() method determines the principle name of the current user and returns the java.security.Principal object....

DoD 8500.2 establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels. Which of the following MAC levels requires high integrity and medium availability?A . MAC IIIB . MAC IVC . MAC ID . MAC IIView AnswerAnswer: D Explanation: The various MAC levels are...

Which of the following security design patterns provides an alternative by requiring that a user's authentication credentials be verified by the database before providing access to that user's data?A . Secure assertionB . Authenticated sessionC . Password propagationD . Account lockoutView AnswerAnswer: C Explanation: Password propagation provides an alternative by...