ISC CAP – Certified Authorization Professional Online Training
The questions for CAP were last updated on Sep 11, 2025.
- Exam Code: CAP
- Exam Name: CAP – Certified Authorization Professional
- Certification Provider: ISC
- Latest update: Sep 11, 2025
Which of the following processes is a structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state?
- A . Procurement management
- B . Change management
- C . Risk management
- D . Configuration management
You are the project manager for your company and a new change request has been approved for your project. This change request, however, has introduced several new risks to the project. You have communicated these risk events and the project stakeholders understand the possible effects these risks could have on your project. You elect to create a mitigation response for the identified risk events.
Where will you record the mitigation response?
- A . Project management plan
- B . Risk management plan
- C . Risk log
- D . Risk register
Which of the following RMF phases is known as risk analysis?
- A . Phase 2
- B . Phase 1
- C . Phase 0
- D . Phase 3
Jenny is the project manager of the NHJ Project for her company. She has identified several positive risk events within the project, and she thinks these events can save the project time and money. You, a new team member, want to know how many risk responses are available for a positive risk event.
What will Jenny reply to you?
- A . Four
- B . Seven
- C . Acceptance is the only risk response for positive risk events.
- D . Three
Wendy is about to perform qualitative risk analysis on the identified risks within her project.
Which one of the following will NOT help Wendy to perform this project management activity?
- A . Stakeholder register
- B . Risk register
- C . Project scope statement
- D . Risk management plan
Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?
- A . The Supplier Manager
- B . The IT Service Continuity Manager
- C . The Service Catalogue Manager
- D . The Configuration Manager
You are the project manager for the NHH project. You are working with your project team to examine the project from four different defined perspectives to increase the breadth of identified risks by including internally generated risks.
What risk identification approach are you using in this example?
- A . SWOT analysis
- B . Root cause analysis
- C . Assumptions analysis
- D . Influence diagramming techniques
Which of the following are included in Physical Controls? Each correct answer represents a complete solution. Choose all that apply.
- A . Locking systems and removing unnecessary floppy or CD-ROM drives
- B . Environmental controls
- C . Password and resource management
- D . Identification and authentication methods
- E . Monitoring for intrusion
- F . Controlling individual access into the facility and different departments
Which of the following NIST Special Publication documents provides a guideline on network security testing?
- A . NIST SP 800-60
- B . NIST SP 800-53A
- C . NIST SP 800-37
- D . NIST SP 800-42
- E . NIST SP 800-59
- F . NIST SP 800-53
Which one of the following is the only output for the qualitative risk analysis process?
- A . Project management plan
- B . Risk register updates
- C . Enterprise environmental factors
- D . Organizational process assets