Exam Code: CAP (Practice Exam Latest Test Questions VCE PDF)
Exam Name: ISC2 CAP Certified Authorization Professional
Certification Provider: ISC2
2021 Sep CAP book

Q21. Which of the following system security policies is used to address specific issues of concern to the organization?

A. Program policy

B. Issue-specific policy

C. Informative policy

D. System-specific policy

Answer: B


Q22. Joan is a project management consultant and she has been hired by a firm to help them identify risk events within the project. Joan would first like to examine the project documents including the plans, assumptions lists, project files, and contracts. What key thing will help Joan to discover risks within the review of the project documents?

A. The project documents will help the project manager, or Joan, to identify what risk identification approach is best to pursue.

B. Plans that have loose definitions of terms and disconnected approaches will reveal risks.

C. Poorly written requirements will reveal inconsistencies in the project plans and documents.

D. Lack of consistency between the plans and the project requirements and assumptions can be the indicators of risk in the project.

Answer: D


Q23. Which of the following access control models uses a predefined set of access privileges for an object of a system?

A. Discretionary Access Control

B. Mandatory Access Control

C. Policy Access Control

D. Role-Based Access Control

Answer: B


Q24. Under which type of access control does a user ID and password system fall?

A. Administrative

B. Technical

C. Power

D. Physical

Answer: B


Q25. Diane is the project manager of the HGF Project. A risk that has been identified and analyzed in the project planning processes is now coming to fruition. What individual should respond to the risk with the preplanned risk response?

A. Diane

B. Risk owner

C. Subject matter expert

D. Project sponsor

Answer: B


Q26. You are the project manager of the GHY project for your organization. You are working with your project team to begin identifying risks for the project. As part of your preparation for identifying the risks within the project you will need eleven inputs for the process. Which one of the following is NOT an input to the risk identification process?

A. Cost management plan

B. Procurement management plan

C. Stakeholder register

D. Quality management plan

Answer: B


Q27. During which of the following processes is the probability and impact matrix prepared?

A. Plan Risk Responses

B. Perform Quantitative Risk Analysis

C. Perform Qualitative Risk Analysis

D. Monitoring and Control Risks

Answer: C


Q28. John is the project manager of the NHQ Project for his company. His project has 75 stakeholders, some of whom are external to the organization. John needs to make certain that he communicates about risk in the most appropriate method for the external stakeholders. Which project management plan will be the best guide for John to communicate to the external stakeholders?

A. Communications Management Plan

B. Risk Management Plan

C. Project Management Plan

D. Risk Response Plan

Answer: A


Q29. Which of the following are included in Physical Controls?

Each correct answer represents a complete solution. Choose all that apply.

A. Locking systems and removing unnecessary floppy or CD-ROM drives

B. Environmental controls

C. Password and resource management

D. Identification and authentication methods

E. Monitoring for intrusion

F. Controlling individual access into the facility and different departments

Answer: ABEF


Q30. During qualitative risk analysis you want to define the risk urgency assessment. All of the following are indicators of risk priority except for which one?

A. Symptoms

B. Cost of the project

C. Warning signs

D. Risk rating

Answer: B