Free CAP Exam Braindumps (page: 36)


Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

  A. Continuity of Operations Plan
  B. Disaster recovery plan
  C. Contingency plan
  D. Business continuity plan

Answer(s): C



Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation.
What are the process activities of this phase?
Each correct answer represents a complete solution. Choose all that apply.

  A. System development
  B. Certification analysis
  C. Registration
  D. Assessment of the Analysis Results
  E. Configuration refinement of the SSAA

Answer(s): A,B,D,E



ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure, and the second part is an auditing guide based on the requirements that must be met for an organization to be deemed compliant with ISO 17799.
What are the ISO 17799 domains?
Each correct answer represents a complete solution. Choose all that apply.

  A. Information security policy for the organization
  B. Personnel security
  C. Business continuity management
  D. System architecture management
  E. System development and maintenance

Answer(s): A,B,C,E



Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems before or after they are placed in operation.
Which of the following statements are true about Certification and Accreditation?
Each correct answer represents a complete solution. Choose two.

  A. Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.
  B. Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.
  C. Certification is the official management decision given by a senior agency official to authorize operation of an information system.
  D. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.

Answer(s): A,D
