Tag - CAP exam

You work as the project manager for Bluewell Inc. You are working on NGQQ Projectyou’re your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response...

Which of the following professionals is responsible for starting the Certification & Accreditation (C&A) process?A . Information system ownerB . Authorizing OfficialC . Chief Risk Officer (CRO)D . Chief Information Officer (CIO)View AnswerAnswer: A

Gary is the project manager of his organization. He is managing a project that is similar to a project his organization completed recently. Gary has decided that he will use the information from the past project to help him and the project team to identify the risks that may be...

Penetration testing (also called pen testing) is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Which of the following areas can be exploited in a penetration test? Each correct answer represents a complete solution. Choose all that apply.A ....

Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?A . Mandatory Access ControlB . Role-Based Access ControlC . Discretionary Access ControlD . Policy Access ControlView AnswerAnswer: B

Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?A . The Supplier ManagerB . The IT Service Continuity ManagerC . The Service Catalogue ManagerD . The Configuration ManagerView AnswerAnswer: A

The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. What are the different types of NIACAP accreditation? Each correct answer represents a complete solution. Choose all that apply.A ....

Jeff, a key stakeholder in your project, wants to know how the risk exposure for the risk events is calculated during quantitative risk analysis. He is worried about the risk exposure which is too low for the events surrounding his project requirements. How is the risk exposure calculated?A . The...

Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answer represents a part of the solution. Choose all that apply.A . NISTB . FIPSC . FISMAD . Office of Management...

Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?A . Phase 4B . Phase 3C . Phase 2D . Phase 1View AnswerAnswer: B