Which of the following acts is used to recognize the importance of information security to the economic and national security interests of the United States
Which of the following documents is described in the statement below It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning.
Which of the following responsibilities are executed by the federal program manager
Which of the following phases of the ISSE model is used to determine why the system needs to be built and what information needs to be protected
Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations
Which of the following principles are defined by the IATF model Each correct answer represents a complete solution. Choose all that apply.
Which of the following individuals informs all C&A participants about life cycle actions, security requirements, and documented user needs
Fill in the blanks with an appropriate phrase. The______________ is the process of translating system requirements into detailed function criteri a.
The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. What are the different types of NIACAP accreditation Each correct answer represents a complete solution. Choose all that apply.
Which of the following terms describes the measures that protect and support information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation
FIPS 199 defines the three levels of potential impact on organizations low, moderate, and high. Which of the following are the effects of loss of confidentiality, integrity, or availability in a high level potential impact
Which of the CNSS policies describes the national policy on certification and accreditation of national security telecommunications and information systems
Fill in the blanks with an appropriate phrase. A ________ is an approved build of the product, and can be a single component or a combination of components.
Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted as a Federal Information Processing Standard
Which of the following is a 1996 United States federal law, designed to improve the way the federal government acquires, uses, and disposes information technology
Which of the following tools demands involvement by upper executives, in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators
You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control
Under which of the following CNSS policies, NIACAP is mandatory for all the systems that process USG classified information
Your project has several risks that may cause serious financial impact should they happen. You have studied the risk events and made some potential risk responses for the risk events but management wants you to do more. They'd like for you to create some type of a chart that identified the risk probability and impact with a financial amount for each risk event. What is the likely outcome of creating this type of chart
Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense
Fill in the blank with an appropriate phrase. The ______________ process is used for allocating performance and designing the requirements to each function.
Which of the following security controls works as the totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy
Which of the following DITSCAPNIACAP model phases is used to show the required evidence to support the DAA in accreditation process and conclude in an Approval To Operate (ATO)
The phase 3 of the Risk Management Framework (RMF) process is known as mitigation planning. Which of the following processes take place in phase 3 Each correct answer represents a complete solution. Choose all that apply.
Which of the following acts assigns the Chief Information Officers (CIO) with the responsibility to develop Information Technology Architectures (ITAs) and is also referred to as the Information Technology Management Reform Act (ITMRA)
Which of the following are the phases of the Certification and Accreditation (C&A) process Each correct answer represents a complete solution. Choose two.
The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this phase Each correct answer represents a complete solution. Choose all that apply.
Which of the following organizations is a USG initiative designed to meet the security testing, evaluation, and assessment needs of both information technology (IT) producers and consumers
Which of the following processes culminates in an agreement between key players that a system in its current configuration and operation provides adequate protection controls
Which of the following laws is the first to implement penalties for the creator of viruses, worms, and other types of malicious code that causes harm to the computer systems
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities