ISC CAP CAP – Certified Authorization Professional Online Training
The questions for CAP were last updated on Sep 13, 2025.
- Exam Code: CAP
- Exam Name: CAP – Certified Authorization Professional
- Certification Provider: ISC
- Latest update: Sep 13, 2025
Which of the following concepts represent the three fundamental principles of information security? Each correct answer represents a complete solution. Choose three.
- A . Privacy
- B . Integrity
- C . Availability
- D . Confidentiality
Which of the following governance bodies provides management, operational and technical controls to satisfy security requirements?
- A . Chief Information Security Officer
- B . Senior Management
- C . Information Security Steering Committee
- D . Business Unit Manager
Your organization has a project that is expected to last 20 months, but the customer would really like the project completed in 18 months. You have worked on similar projects in the past and believe that you could fast-track the project and reach the 18-month deadline.
What increases when you fast-track a project?
- A . Risks
- B . Costs
- C . Resources
- D . Communication
The IAM/CA makes certification accreditation recommendations to the DAA. The DAA issues accreditation determinations.
Which of the following are the accreditation determinations issued by the DAA? Each correct answer represents a complete solution. Choose all that apply.
- A . IATO
- B . ATO
- C . IATT
- D . ATT
- E . DATO
Tom is the project manager for his organization. In his project, he has recently finished the risk response planning. He tells his manager that he will now need to update the cost and schedule baselines.
Why would the risk response planning require Tom to update the cost and schedule baselines?
- A . New or omitted work as part of a risk response can cause changes to the cost and/or schedule baseline.
- B . Risk responses protect the time and investment of the project.
- C . Baselines should not be updated, but refined through versions.
- D . Risk responses may take time and money to implement.
During qualitative risk analysis, you want to define the risk urgency assessment. All of the following are indicators of risk priority except for which one?
- A . Risk rating
- B . Warning signs
- C . Cost of the project
- D . Symptoms
You are the project manager of the NKQ project for your organization. You have completed the quantitative risk analysis process for this portion of the project.
What is the only output of the quantitative risk analysis process?
- A . Probability of reaching project objectives
- B . Risk contingency reserve
- C . Risk response
- D . Risk register updates
You work as the project manager for Bluewell Inc. You are working on the NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks.
Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?
- A . Risk acceptance
- B . Risk avoidance
- C . Risk transference
- D . Risk mitigation
You work as a project manager for BlueWell Inc. You are currently working with the project stakeholders to identify risks in your project. You understand that the qualitative risk assessment and analysis can reflect the attitude of the project team and other stakeholders to risk. Effective assessment of risk requires management of the risk attitudes of the participants.
What should you, the project manager, do with the assessment of identified risks in consideration of the attitude and bias of the participants towards the project risk?
- A . Document the bias for the risk events and communicate the bias with management
- B . Evaluate and document the bias towards the risk events
- C . Evaluate the bias through SWOT for true analysis of the risk events
- D . Evaluate the bias towards the risk events and correct the assessment accordingly
Which of the following types of evidence is a collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity or person?
- A . Circumstantial
- B . Incontrovertible
- C . Direct
- D . Corroborating