Pass4sure provides 100% free ISC2 CAP braindumps that assure your success at the first attempt. No other website can provide this guarantee. You will have instant access to our downloadable CAP analyze engine software. Obtain the ISC2 training materials and prepare fully for the CAP exam. You will find everything here that may appear in the ISC2 CAP exam. Our ISC2 exam questions and answers are detailed and in depth. We have developed an interactive platform for all candidates. You can visit the webpage and talk with other candidates, so you will make progress more quickly and easily.

2021 Sep CAP study guide

Q201. Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?

A. Phase 4

B. Phase 3

C. Phase 2

D. Phase 1

Answer: B


Q202. Tom is the project manager for his organization. In his project he has recently finished the risk response planning. He tells his manager that he will now need to update the cost and schedule baselines. Why would the risk response planning cause Tom the need to update the cost and schedule baselines?

A. New or omitted work as part of a risk response can cause changes to the cost and/or schedule baseline.

B. Risk responses protect the time and investment of the project.

C. Baselines should not be updated, but refined through versions.

D. Risk responses may take time and money to implement.

Answer: A


Q203. Risks with low ratings of probability and impact are included on a ____ for future monitoring.

A. Watchlist

B. Risk alarm

C. Observation list

D. Risk register

Answer: A


Q204. A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. What are the different types of policies?

Each correct answer represents a complete solution. Choose all that apply.

A. Systematic

B. Informative

C. Regulatory

D. Advisory

Answer: BCD


Q205. In 2003, NIST developed a new Certification & Accreditation (C&A) guideline known as FIPS 199.

What levels of potential impact are defined by FIPS 199?

Each correct answer represents a complete solution. Choose all that apply.

A. Medium

B. High

C. Low

D. Moderate

Answer: ABC


Updated CAP exam guide:

Q206. Harry is the project manager of the MMQ Construction Project. In this project Harry has identified a supplier who can create stained glass windows for 1,000 window units in the construction project. The supplier is an artist who works by himself, but creates windows for several companies throughout the United States. Management reviews the proposal to use this supplier and while they agree that the supplier is talented, they do not think the artist can fulfill the 1,000 window units in time for the project's deadline. Management asked Harry to find a supplier who will guarantee the completion of the windows by the needed date in the schedule. What risk response has management asked Harry to implement?

A. Acceptance

B. Mitigation

C. Avoidance

D. Transference

Answer: B


Q207. Which of the following individuals is responsible for monitoring the information system environment for factors that can negatively impact the security of the system and its accreditation?

A. Chief Risk Officer

B. Chief Information Security Officer

C. Information System Owner

D. Chief Information Officer

Answer: C


Q208. A high-profile, high-priority project within your organization is being created. Management wants you to pay special attention to the project risks and do all that you can to ensure that all of the risks are identified early in the project. Management has to ensure that this project succeeds.

Management's risk aversion in this project is associated with what term?

A. Utility function

B. Risk conscience

C. Quantitative risk analysis

D. Risk mitigation

Answer: A


Q209. FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?

A. Level 1

B. Level 2

C. Level 4

D. Level 5

E. Level 3

Answer: C


Q210. Which of the following are the objectives of the security certification documentation task?

Each correct answer represents a complete solution. Choose all that apply.

A. To prepare the Plan of Action and Milestones (POAM) based on the security assessment

B. To provide the certification findings and recommendations to the information system owner

C. To assemble the final security accreditation package and then submit it to the authorizing official

D. To update the system security plan based on the results of the security assessment

Answer: ABCD