ISC2 CISSP-ISSEP Exam Questions and Answers 2021

Online CISSP-ISSEP free questions and answers of New Version:

NEW QUESTION 1
Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense?

  • A. DoD 5200.22-M
  • B. DoD 8910.1
  • C. DoD 5200.40
  • D. DoD 8000.1

Answer: C

NEW QUESTION 2
Which of the following tasks obtains the customer agreement in planning the technical effort?

  • A. Task 9
  • B. Task 11
  • C. Task 8
  • D. Task 10

Answer: B

NEW QUESTION 3
Which of the following processes illustrate the study of a technical nature of interest to a focused audience, and consist of interim or final reports on work made by NIST for external sponsors, including government and non-government sponsors?

  • A. Federal Information Processing Standards (FIPS)
  • B. Special Publication (SP)
  • C. NISTIRs (Internal Reports)
  • D. DIACAP

Answer: C

NEW QUESTION 4
Which of the following CNSS policies describes the national policy on use of cryptomaterial by activities operating in high risk environments?

  • A. CNSSP No. 14
  • B. NCSC No. 5
  • C. NSTISSP No. 6
  • D. NSTISSP No. 7

Answer: B

NEW QUESTION 5
The functional analysis process is used for translating system requirements into detailed function criteria. Which of the following are the elements of the functional analysis process? Each correct answer represents a complete solution. Choose all that apply.

  • A. Model possible overall system behaviors that are needed to achieve the system requirements.
  • B. Develop concepts and alternatives that are not technology or component bound.
  • C. Decompose functional requirements into discrete tasks or activities, the focus is still on technology not functions or components.
  • D. Use a top-down with some bottom-up approach verification.

Answer: ABD

NEW QUESTION 6
Fill in the blank with an appropriate phrase. The ________ process is used for allocating performance and designing the requirements to each function.

  • A. functional allocation

Answer: A

NEW QUESTION 7
According to U.S. Department of Defense (DoD) Instruction 8500.2, there are eight Information Assurance (IA) areas, and the controls are referred to as IA controls. Which of the following are among the eight areas of IA defined by DoD? Each correct answer represents a complete solution. Choose all that apply.

  • A. DC Security Design & Configuration
  • B. EC Enclave and Computing Environment
  • C. VI Vulnerability and Incident Management
  • D. Information systems acquisition, development, and maintenance

Answer: ABC

NEW QUESTION 8
Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

  • A. Corrective controls
  • B. Safeguards
  • C. Detective controls
  • D. Preventive controls

Answer: A

NEW QUESTION 9
Which of the following categories of system specification describes the technical requirements that cover a service, which is performed on a component of the system?

  • A. Product specification
  • B. Process specification
  • C. Material specification
  • D. Development specification

Answer: B

NEW QUESTION 10
Which of the following is a 1996 United States federal law, designed to improve the way the federal government acquires, uses, and disposes of information technology?

  • A. Lanham Act
  • B. Clinger-Cohen Act
  • C. Computer Misuse Act
  • D. Paperwork Reduction Act

Answer: B

NEW QUESTION 11
Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

  • A. Configuration Item Costing
  • B. Configuration Identification
  • C. Configuration Verification and Auditing
  • D. Configuration Status Accounting

Answer: A

NEW QUESTION 12
Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting sensitive, unclassified information in the systems as stated in Section 2315 of Title 10, United States Code?

  • A. Type I cryptography
  • B. Type II cryptography
  • C. Type III (E) cryptography
  • D. Type III cryptography

Answer: B

NEW QUESTION 13
Which of the following Security Control Assessment Tasks evaluates the operational, technical, and the management security controls of the information system using the techniques and measures selected or developed?

  • A. Security Control Assessment Task 3
  • B. Security Control Assessment Task 1
  • C. Security Control Assessment Task 4
  • D. Security Control Assessment Task 2

Answer: A

NEW QUESTION 14
Which of the following is the application of statistical methods to the monitoring and control of a process to ensure that it operates at its full potential to produce conforming product?

  • A. Information Assurance (IA)
  • B. Statistical process control (SPC)
  • C. Information Protection Policy (IPP)
  • D. Information management model (IMM)

Answer: B

NEW QUESTION 15
What are the subordinate tasks of the Implement and Validate Assigned IA Control phase in the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.

  • A. Conduct activities related to the disposition of the system data and objects.
  • B. Combine validation results in DIACAP scorecard.
  • C. Conduct validation activities.
  • D. Execute and update IA implementation plan.

Answer: BCD

NEW QUESTION 16
There are seven risk responses for any project. Which one of the following is a valid risk response for a negative risk event?

  • A. Acceptance
  • B. Enhance
  • C. Share
  • D. Exploit

Answer: A

NEW QUESTION 17
Which of the following cooperative programs carried out by NIST conducts research to advance the nation's technology infrastructure?

  • A. Manufacturing Extension Partnership
  • B. NIST Laboratories
  • C. Baldrige National Quality Program
  • D. Advanced Technology Program

Answer: B

NEW QUESTION 18
Which of the following describes a residual risk as the risk remaining after a risk mitigation has occurred?

  • A. SSAA
  • B. ISSO
  • C. DAA
  • D. DIACAP

Answer: D

NEW QUESTION 19
Which of the following federal agencies coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produces foreign intelligence information?

  • A. National Institute of Standards and Technology (NIST)
  • B. National Security Agency/Central Security Service (NSA/CSS)
  • C. Committee on National Security Systems (CNSS)
  • D. United States Congress

Answer: B
