Free ISC CISSP-ISSEP Exam Questions (page: 4)

Which of the following types of firewalls increases the security of data packets by remembering the state of connection at the network and the session layers as they pass through the filter?

  A. Stateless packet filter firewall
  B. PIX firewall
  C. Stateful packet filter firewall
  D. Virtual firewall

Answer(s): C



Certification and Accreditation (C&A or CnA) is a process for implementing information security. Which of the following is the correct order of C&A phases in a DITSCAP assessment?

  A. Definition, Validation, Verification, and Post Accreditation
  B. Verification, Definition, Validation, and Post Accreditation
  C. Verification, Validation, Definition, and Post Accreditation
  D. Definition, Verification, Validation, and Post Accreditation

Answer(s): D



Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted as a Federal Information Processing Standard?

  A. Type III (E) cryptography
  B. Type III cryptography
  C. Type I cryptography
  D. Type II cryptography

Answer(s): B



Which of the following professionals plays the role of a monitor and takes part in the organization's configuration management process?

  A. Chief Information Officer
  B. Authorizing Official
  C. Common Control Provider
  D. Senior Agency Information Security Officer

Answer(s): C



According to which of the following DoD policies is the implementation of DITSCAP mandatory for all systems that process both DoD classified and unclassified information?

  A. DoD 8500.2
  B. DoDI 5200.40
  C. DoD 8510.1-M DITSCAP
  D. DoD 8500.1 (IAW)

Answer(s): D



What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process?
Each correct answer represents a complete solution. Choose all that apply.

  A. Develop DIACAP strategy.
  B. Initiate IA implementation plan.
  C. Conduct validation activity.
  D. Assemble DIACAP team.
  E. Register system with DoD Component IA Program.
  F. Assign IA controls.

Answer(s): A,B,D,E,F



You work as a security manager for BlueWell Inc. You are going through the NIST SP 800-37 C&A methodology, which is based on four well-defined phases. In which of the following phases of the NIST SP 800-37 C&A methodology does the security categorization occur?

  A. Continuous Monitoring
  B. Initiation
  C. Security Certification
  D. Security Accreditation

Answer(s): B



Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system?

  A. Data security requirement
  B. Network connection rule
  C. Applicable instruction or directive
  D. Security concept of operation

Answer(s): A


