Which of the following documents is defined as a source document, which is most useful for the ISSE when classifying the needed security functionality
In which of the following phases of the interconnection life cycle as defined by NIST SP 800-47, do the organizations build and execute a plan for establishing the interconnection, including executing or configuring appropriate security controls
Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities
You work as a security engineer for BlueWell Inc. According to you, which of the following DITSCAP/NIACAP model phases occurs at the initiation of the project, or at the initial C&A effort of a legacy system
Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation
Which of the following cooperative programs carried out by NIST encourages performance excellence among U.S. manufacturers, service companies, educational institutions, and healthcare providers
Which of the following configuration management system processes defines which items will be configuration managed, how they are to be identified, and how they are to be documented
You work as a systems engineer for BlueWell Inc. You want to protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. Which of the following processes will you use to accomplish the task
Which of the following guidelines is recommended for engineering, protecting, managing, processing, and controlling national security and sensitive (although unclassified) information
Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management
FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels shows limited adverse effects on organizational operations, organizational assets, or individuals
Which of the following security controls works as the totality of protection mechanisms within a computer system, including hardware, firmware, and software, the combination of which is responsible for enforcing a security policy
Which of the following configuration management system processes keeps track of the changes so that the latest acceptable configuration specifications are readily available
The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. What are the different types of NIACAP accreditation? Each correct answer represents a complete solution. Choose all that apply.
You work as a security engineer for BlueWell Inc. According to you, which of the following statements determines the main focus of the ISSE process
Which of the following terms describes the security of an information system against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users or the provision of service to unauthorized users
Choose and reorder the steps to build the system security architectures in accordance with the DoDAF.
Which of the following individuals reviews and approves project deliverables from a QA perspective
Which of the following roles is also known as the accreditor
Which of the following DoD directives is referred to as the Defense Automation Resources Management Manual
Which of the following memorandums reminds the departments and agencies of the OMB principles for including and funding security as an element of agency information technology systems and architectures and of the decision criteria that are used to evaluate security for information systems investments
Which of the following departments protects and supports DoD information, information systems, and information networks that are critical to the department and the armed forces during the day-to-day operations, and in the time of crisis
There are seven risk responses for any project. Which one of the following is a valid risk response for a negative risk event
Which of the following responsibilities are executed by the federal program manager
Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense
Drag and drop the correct DoD Policy Series at their appropriate places.
The ISSE model adds a security element into each phase of the system life cycle. Choose and reorder the phases of the ISSE model in which they occur.