Practice questions for the ISC2 CAP (Certified Authorization Professional) exam.

Q51. Ned is the program manager for his organization and he's considering some new materials for his program. He and his team have never worked with these materials before and he wants to ask the vendor for some additional information, a demo, and even some samples. What type of document should Ned send to the vendor?

A. IFB

B. RFI

C. RFQ

D. RFP

Answer: B


Q52. Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

A. Authenticity

B. Integrity

C. Availability

D. Confidentiality

Answer: D


Q53. What component of the change management system is responsible for evaluating, testing, and documenting changes created to the project scope?

A. Configuration Management System

B. Project Management Information System

C. Scope Verification

D. Integrated Change Control

Answer: A


Q54. Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A)?

Each correct answer represents a complete solution. Choose all that apply.

A. NIST Special Publication 800-53A

B. NIST Special Publication 800-37A

C. NIST Special Publication 800-59

D. NIST Special Publication 800-53

E. NIST Special Publication 800-37

F. NIST Special Publication 800-60

Answer: ACDEF


Q55. Which of the following NIST documents includes components for penetration testing?

A. NIST SP 800-53

B. NIST SP 800-26

C. NIST SP 800-37

D. NIST SP 800-30

Answer: D


Q56. Harry is the project manager of the MMQ Construction Project. In this project Harry has identified a supplier who can create stained glass windows for 1,000 window units in the construction project. The supplier is an artist who works by himself, but creates windows for several companies throughout the United States. Management reviews the proposal to use this supplier and while they agree that the supplier is talented, they do not think the artist can fulfill the 1,000 window units in time for the project's deadline. Management asked Harry to find a supplier who will guarantee the completion of the windows by the needed date in the schedule. What risk response has management asked Harry to implement?

A. Mitigation

B. Acceptance

C. Transference

D. Avoidance

Answer: A


Q57. Risk transference refers to the transfer of risks to a third party, usually for a fee; it creates a contractual relationship for the third party to manage the risk on behalf of the performing organization. Which one of the following is NOT an example of the transference risk response?

A. Use of insurance

B. Life cycle costing

C. Warranties

D. Performance bonds

Answer: B


Q58. You and your project team are just starting the risk identification activities for a project that is scheduled to last for 18 months. Your project team has already identified a long list of risks that need to be analyzed. How often should you and the project team do risk identification?

A. At least once per month

B. Several times until the project moves into execution

C. It depends on how many risks are initially identified.

D. Identify risks is an iterative process.

Answer: D


Q59. Nancy is the project manager of the NHH project. She and the project team have identified a significant risk in the project during the qualitative risk analysis process. Bob is familiar with the technology that the risk is affecting and proposes to Nancy a solution to the risk event. Nancy tells Bob that she has noted his response, but the risk really needs to pass through the quantitative risk analysis process before creating responses. Bob disagrees and assures Nancy that his response is most appropriate for the identified risk. Who is correct in this scenario?

A. Bob is correct. Bob is familiar with the technology and the risk event so his response should be implemented.

B. Nancy is correct. Because Nancy is the project manager she can determine the correct procedures for risk analysis and risk responses. In addition, she has noted the risk response that Bob recommends.

C. Nancy is correct. All risks of significant probability and impact should pass the quantitative risk analysis process before risk responses are created.

D. Bob is correct. Not all risk events have to pass the quantitative risk analysis process to develop effective risk responses.

Answer: D


Q60. You work as the project manager for Bluewell Inc. You are working on the NGQQ Project for your company. You have completed the risk analysis processes for the risk events. You and the project team have created risk responses for most of the identified project risks. Which of the following risk response planning techniques will you use to shift the impact of a threat to a third party, together with the responses?

A. Risk acceptance

B. Risk avoidance

C. Risk transference

D. Risk mitigation

Answer: C