Pass the ISC certification ISSEP Questions and answers with ExamsMirror

Viewing page 4 out of 7 pages
Viewing questions 31-40 out of questions
Questions # 31:

Which of the following federal agencies coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produces foreign intelligence information?

Options:

A. National Institute of Standards and Technology (NIST)
B. National Security Agency/Central Security Service (NSA/CSS)
C. Committee on National Security Systems (CNSS)
D. United States Congress

Questions # 32:

Which of the following phases of the ISSE model is used to determine why the system needs to be built and what information needs to be protected?

Options:

A. Develop detailed security design
B. Define system security requirements
C. Discover information protection needs
D. Define system security architecture

Questions # 33:

Which of the following statements is true about residual risks?

Options:

A. It can be considered as an indicator of threats coupled with vulnerability.
B. It is a weakness or lack of safeguard that can be exploited by a threat.
C. It is the probabilistic risk after implementing all security measures.
D. It is the probabilistic risk before implementing all security measures.

Questions # 34:

Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?

Options:

A. SSAA
B. TCSEC
C. FIPS
D. FITSAF

Questions # 35:

Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation? Each correct answer represents a complete solution. Choose two.

Options:

A. Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.
B. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.
C. Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.
D. Certification is the official management decision given by a senior agency official to authorize operation of an information system.

Questions # 36:

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting classified information?

Options:

A. Type III cryptography
B. Type III (E) cryptography
C. Type II cryptography
D. Type I cryptography

Questions # 37:

The functional analysis process is used for translating system requirements into detailed function criteria. Which of the following are the elements of the functional analysis process? Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Model possible overall system behaviors that are needed to achieve the system requirements.
B. Develop concepts and alternatives that are not technology or component bound.
C. Decompose functional requirements into discrete tasks or activities; the focus is still on technology, not functions or components.
D. Use a top-down with some bottom-up approach verification.

Questions # 38:

Which of the following organizations incorporates building secure audio and video communications equipment, making tamper protection products, and providing trusted microelectronics solutions?

Options:

A. DTIC
B. NSA IAD
C. DIAP
D. DARPA

Questions # 39:

Which of the following certification levels requires the completion of the minimum security checklist, and the system user or an independent certifier can complete the checklist?

Options:

A. CL 2
B. CL 3
C. CL 1
D. CL 4

Questions # 40:

Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production? Each correct answer represents a part of the solution. Choose all that apply.

Options:

A. Office of Management and Budget (OMB)
B. NIST
C. FISMA
D. FIPS
