QUESTION: 1
Which of the following approaches can be used to build a security program?
Each correct answer represents a complete solution. Choose all that apply.

A. Right-Up Approach
B. Left-Up Approach
C. Bottom-Up Approach
D. Top-Down Approach

Answer(s): C,D

QUESTION: 2
Fil in the blank with the appropriate phrase. __________ provides instructions and directions for
completing the Systems Security Authorization Agreement (SSAA).

A. DoDI 5200.40

Answer(s): A
QUESTION: 3
Which of the following phases of DITSCAP includes the activities that are necessary for the
continuing operation of an accredited IT system in its computing environment and for
addressing the changing threats that a system faces throughout its life cycle?

A. Phase 1, Definition
B. Phase 3, Validation
C. Phase 4, Post Accreditation Phase
D. Phase 2, Verification

Answer(s): C

QUESTION: 4
Which of the following DoD policies provides assistance on how to implement policy, assign
responsibilities, and prescribe procedures for applying integrated, layered protection of the DoD
information systems and networks?

A. DoD 8500.1 Information Assurance (IA)
B. DoDI 5200.40
C. DoD 8510.1-M DITSCAP
D. DoD 8500.2 Information Assurance Implementation

Answer(s): D
QUESTION: 5
Which of the following statements define the role of the ISSEP during the development of the
detailed security design, as mentioned in the IATF document?
Each correct answer represents a complete solution. Choose all that apply.

A. It identifies the information protection problems that needs to be solved.
B. It allocates security mechanisms to system security design elements.
C. It identifies custom security products.
https://Free-Braindumps.com
2

Free CISSP-ISSEP Exam Braindumps

Pass your Information Systems Security Engineering Professional exam with these free Actual Questions and Answers