Download Information Systems Security Engineering Professional.CISSP-ISSEP.SelfTestEngine.2018-11-27.118q.vcex

Vendor: ISC
Exam Code: CISSP-ISSEP
Exam Name: Information Systems Security Engineering Professional
Date: Nov 27, 2018
File Size: 78 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
Which of the following tasks obtains the customer agreement in planning the technical effort  
  1. Task 9
  2. Task 11
  3. Task 8
  4. Task 10
Correct answer: B
Question 2
Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A) Each correct answer represents a complete solution. 
Choose all that apply.
  1. NIST Special Publication 800-59
  2. NIST Special Publication 800-60
  3. NIST Special Publication 800-37A
  4. NIST Special Publication 800-37
  5. NIST Special Publication 800-53
  6. NIST Special Publication 800-53A
Correct answer: ABDEF
Explanation:
Question 3
Which of the following elements are described by the functional requirements task Each correct answer represents a complete solution. Choose all that apply.
  1. Coverage
  2. Accuracy
  3. Quality
  4. Quantity
Correct answer: ACD
Question 4
Which of the following documents is defined as a source document, which is most useful for the ISSE when classifying the needed security functionality
  1. Information Protection Policy (IPP)
  2. IMM
  3. System Security Context
  4. CONOPS
Correct answer: A
Question 5
What are the responsibilities of a system owner Each correct answer represents a complete solution. Choose all that apply.
  1. Integrates security considerations into application and system purchasing decisions and development projects.
  2. Ensures that the necessary security controls are in place. 
  3. Ensures that adequate security is being provided by the necessary controls, password management, remote access controls, operating system configurations, and so on.
  4. Ensures that the systems are properly assessed for vulnerabilities and must report any to the incident response team and data owner.
Correct answer: ACD
Question 6
Which of the following Registration Tasks sets up the business or operational functional description and system identification
  1. Registration Task 2
  2. Registration Task 1
  3. Registration Task 3
  4. Registration Task 4
Correct answer: B
Question 7
Which of the following federal agencies provides a forum for the discussion of policy issues, sets national policy, and promulgates direction, operational procedures, and guidance for the security of national security systems
  1. National Security AgencyCentral Security Service (NSACSS)
  2. National Institute of Standards and Technology (NIST)
  3. United States Congress
  4. Committee on National Security Systems (CNSS)
Correct answer: D
Explanation:
Question 8
Which of the following statements is true about residual risks
  1. It can be considered as an indicator of threats coupled with vulnerability.
  2. It is a weakness or lack of safeguard that can be exploited by a threat.
  3. It is the probabilistic risk after implementing all security measures.
  4. It is the probabilistic risk before implementing all security measures.
Correct answer: C
Question 9
According to U.S. Department of Defense (DoD) Instruction 8500.2, there are eight Information Assurance (IA) areas, and the controls are referred to as IA controls. Which of the following are among the eight areas of IA defined by DoD Each correct answer represents a complete solution. Choose all that apply. 
  1. DC Security Design & Configuration
  2. EC Enclave and Computing Environment
  3. VI Vulnerability and Incident Management
  4. Information systems acquisition, development, and maintenance
Correct answer: ABC
Explanation:
Question 10
Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation Each correct answer represents a complete solution. Choose two.
  1. Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.
  2. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.
  3. Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.
  4. Certification is the official management decision given by a senior agency official to authorize operation of an information system.
Correct answer: BC
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!