Precise CISSP-ISSEP Exam Questions 2021


NEW QUESTION 1
You have been tasked with finding an encryption methodology that will encrypt most types of email attachments. The requirements are that your solution must use the RSA algorithm. Which of the following is your best choice?

  • A. PGP
  • B. SMIME
  • C. DES
  • D. Blowfish

Answer: B

NEW QUESTION 2
Your project has several risks that may cause serious financial impact should they happen. You have studied the risk events and made some potential risk responses for the risk events, but management wants you to do more. They'd like you to create some type of chart that identifies the risk probability and impact with a financial amount for each risk event. What is the likely outcome of creating this type of chart?

  • A. Risk response plan
  • B. Quantitative analysis
  • C. Risk response
  • D. Contingency reserve

Answer: D

NEW QUESTION 3
Which of the following areas of an information system, as separated by the Information Assurance Framework, is a collection of local computing devices, regardless of physical location, that are interconnected via local area networks (LANs) and governed by a single security policy?

  • A. Networks and Infrastructures
  • B. Supporting Infrastructures
  • C. Enclave Boundaries
  • D. Local Computing Environments

Answer: C

NEW QUESTION 4
You work as a Network Administrator for PassGuide Inc. You need to secure the web services of your company in order to have secure transactions. Which of the following will you recommend for providing security?

  • A. HTTP
  • B. VPN
  • C. SMIME
  • D. SSL

Answer: D

NEW QUESTION 5
The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. Which of the following participants are required in a NIACAP security assessment? Each correct answer represents a part of the solution. Choose all that apply.

  • A. Information Assurance Manager
  • B. Designated Approving Authority
  • C. Certification agent
  • D. IS program manager
  • E. User representative

Answer: BCDE

NEW QUESTION 6
In which of the following phases of the interconnection life cycle, as defined by NIST SP 800-47, do the participating organizations perform the following tasks: perform preliminary activities; examine all relevant technical, security and administrative issues; form an agreement governing the management, operation, and use of the interconnection?

  • A. Establishing the interconnection
  • B. Disconnecting the interconnection
  • C. Planning the interconnection
  • D. Maintaining the interconnection

Answer: C

NEW QUESTION 7
Which of the following assessment methodologies defines a six-step technical security evaluation?

  • A. FITSAF
  • B. OCTAVE
  • C. FIPS 102
  • D. DITSCAP

Answer: C

NEW QUESTION 8
FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels shows limited adverse effects on organizational operations, organizational assets, or individuals?

  • A. Moderate
  • B. Medium
  • C. High
  • D. Low

Answer: D

NEW QUESTION 9
Which of the following DoD policies provides assistance on how to implement policy, assign responsibilities, and prescribe procedures for applying integrated, layered protection of the DoD information systems and networks?

  • A. DoD 8500.1 Information Assurance (IA)
  • B. DoDI 5200.40
  • C. DoD 8510.1-M DITSCAP
  • D. DoD 8500.2 Information Assurance Implementation

Answer: D

NEW QUESTION 10
Which of the following Net-Centric Data Strategy goals are required to increase enterprise and community data over private user and system data? Each correct answer represents a complete solution. Choose all that apply.

  • A. Understandability
  • B. Visibility
  • C. Interoperability
  • D. Accessibility

Answer: BD

NEW QUESTION 11
Which of the following federal laws are related to hacking activities? Each correct answer represents a complete solution. Choose three.

  • A. 18 U.S.C. 1030
  • B. 18 U.S.C. 1029
  • C. 18 U.S.C. 2510
  • D. 18 U.S.C. 1028

Answer: ABC

NEW QUESTION 12
Fill in the blank with an appropriate phrase. The ______ is the process of translating system requirements into detailed function criteria.

  • A. functional analysis

Answer: A

NEW QUESTION 13
Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the international information security standards? Each correct answer represents a complete solution. Choose all that apply.

  • A. Organization of information security
  • B. Human resources security
  • C. Risk assessment and treatment
  • D. AU audit and accountability

Answer: ABC

NEW QUESTION 14
Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?

  • A. SSAA
  • B. FITSAF
  • C. FIPS
  • D. TCSEC

Answer: A

NEW QUESTION 15
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?

  • A. Risk acceptance
  • B. Risk mitigation
  • C. Risk avoidance
  • D. Risk transfer

Answer: D

NEW QUESTION 16
The Chief Information Officer (CIO), or Information Technology (IT) director, is a job title commonly given to the most senior executive in an enterprise. What are the responsibilities of a Chief Information Officer? Each correct answer represents a complete solution. Choose all that apply.

  • A. Proposing the information technology needed by an enterprise to achieve its goals and then working within a budget to implement the plan
  • B. Preserving high-level communications and working group relationships in an organization
  • C. Establishing an effective continuous monitoring program for the organization
  • D. Facilitating the sharing of security risk-related information among authorizing officials

Answer: ABC

NEW QUESTION 17
The Information System Security Officer (ISSO) and Information System Security Engineer (ISSE) play the role of a supporter and advisor, respectively. Which of the following statements are true about ISSO and ISSE? Each correct answer represents a complete solution. Choose all that apply.

  • A. An ISSE manages the security of the information system that is slated for Certification & Accreditation (C&A).
  • B. An ISSE provides advice on the impacts of system changes.
  • C. An ISSE provides advice on the continuous monitoring of the information system.
  • D. An ISSO manages the security of the information system that is slated for Certification & Accreditation (C&A).
  • E. An ISSO takes part in the development activities that are required to implement system changes.

Answer: BCD

NEW QUESTION 18
You work as a systems engineer for BlueWell Inc. You are working on translating system requirements into detailed function criteria. Which of the following diagrams will help you to show all of the function requirements and their groupings in one diagram?

  • A. Activity diagram
  • B. Functional flow block diagram (FFBD)
  • C. Functional hierarchy diagram
  • D. Timeline analysis diagram

Answer: C

NEW QUESTION 19
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months, but the probability of the event is high. Which one of the following is a valid response to the identified risk event?

  • A. Earned value management
  • B. Risk audit
  • C. Corrective action
  • D. Technical performance measurement

Answer: C
