Free ISC CAP Exam Questions (page: 52)

Which of the following NIST Special Publication documents provides a guideline on network security testing?

  1. NIST SP 800-60
  2. NIST SP 800-53A
  3. NIST SP 800-37
  4. NIST SP 800-42
  5. NIST SP 800-59
  6. NIST SP 800-53

Answer(s): D



Which one of the following is the only output for the qualitative risk analysis process?

  1. Project management plan
  2. Risk register updates
  3. Enterprise environmental factors
  4. Organizational process assets

Answer(s): B



You are the project manager of the GHG project. You are preparing for the quantitative risk analysis process. You are using organizational process assets to help you complete the quantitative risk analysis process.
Which one of the following is NOT a valid reason to utilize organizational process assets as a part of the quantitative risk analysis process?

  1. You will use organizational process assets for risk databases that may be available from industry sources.
  2. You will use organizational process assets for studies of similar projects by risk specialists.
  3. You will use organizational process assets to determine costs of all risks events within the current project.
  4. You will use organizational process assets for information from prior similar projects.

Answer(s): C



Which of the following objectives are defined by integrity in the C.I.A triad of information security systems?
Each correct answer represents a part of the solution. Choose three.

  1. It preservesthe internal and external consistency of information.
  2. It prevents the unauthorized or unintentional modification of information by the authorized users.
  3. It prevents the modification of information by the unauthorized users.
  4. It prevents the intentional or unintentional unauthorized disclosure of a message's contents .

Answer(s): A,B,C



Viewing page 52 of 99



Post your Comments and Discuss ISC CAP exam prep with other Community members:

CAP Exam Discussions & Posts