
CISSP-ISSEP Exam Questions - Online Test



Online CISSP-ISSEP free questions and answers of New Version:

NEW QUESTION 1
Fill in the blank with an appropriate phrase. ________ seeks to improve the quality of process outputs by identifying and removing the causes of defects and variability in manufacturing and business processes.

  • A. Six Sigma

Answer: A

NEW QUESTION 2
You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and qualitative system characteristics to all stakeholders. Which of the following documents will you use to achieve the above task?

  • A. IMM
  • B. CONOPS
  • C. IPP
  • D. System Security Context

Answer: B

NEW QUESTION 3
Which of the following types of CNSS issuances establishes criteria and assigns responsibilities?

  • A. Advisory memoranda
  • B. Directives
  • C. Instructions
  • D. Policies

Answer: D

NEW QUESTION 4
Which of the following are the most important tasks of the Information Management Plan (IMP)? Each correct answer represents a complete solution. Choose all that apply.

  • A. Define the Information Protection Policy (IPP).
  • B. Define the System Security Requirements.
  • C. Define the mission need.
  • D. Identify how the organization manages its information.

Answer: ACD

NEW QUESTION 5
Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management?

  • A. Computer Misuse Act
  • B. Clinger-Cohen Act
  • C. ISG
  • D. Lanham Act

Answer: C

NEW QUESTION 6
Which of the following professionals is responsible for starting the Certification & Accreditation (C&A) process?

  • A. Authorizing Official
  • B. Information system owner
  • C. Chief Information Officer (CIO)
  • D. Chief Risk Officer (CRO)

Answer: B

NEW QUESTION 7
Which of the following agencies is responsible for funding the development of many technologies such as computer networking, as well as NLS?

  • A. DARPA
  • B. DTIC
  • C. DISA
  • D. DIAP

Answer: A

NEW QUESTION 8
John works as a security engineer for BlueWell Inc. He wants to identify the different functions that the system will need to perform to meet the documented mission/business needs. Which of the following processes will John use to achieve the task?

  • A. Modes of operation
  • B. Performance requirement
  • C. Functional requirement
  • D. Technical performance measures

Answer: C

NEW QUESTION 9
You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?

  • A. Quantitative risk analysis
  • B. Risk audits
  • C. Requested changes
  • D. Qualitative risk analysis

Answer: C

NEW QUESTION 10
Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system?

  • A. Data security requirement
  • B. Network connection rule
  • C. Applicable instruction or directive
  • D. Security concept of operation

Answer: A

NEW QUESTION 11
Which of the following agencies serves the DoD community as the largest central resource for DoD and government-funded scientific, technical, engineering, and business-related information available today?

  • A. DISA
  • B. DIAP
  • C. DTIC
  • D. DARPA

Answer: C

NEW QUESTION 12
Which of the following acts assigns the Chief Information Officers (CIO) with the responsibility to develop Information Technology Architectures (ITAs) and is also referred to as the Information Technology Management Reform Act (ITMRA)?

  • A. Paperwork Reduction Act
  • B. Computer Misuse Act
  • C. Lanham Act
  • D. Clinger-Cohen Act

Answer: D

NEW QUESTION 13
Which of the following rated systems of the Orange Book has mandatory protection of the TCB?

  • A. C-rated
  • B. B-rated
  • C. D-rated
  • D. A-rated

Answer: B

NEW QUESTION 14
The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. Which of the following participants are required in a NIACAP security assessment? Each correct answer represents a part of the solution. Choose all that apply.

  • A. Information Assurance Manager
  • B. Designated Approving Authority
  • C. Certification agent
  • D. IS program manager
  • E. User representative

Answer: BCDE

NEW QUESTION 15
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?

  • A. Earned value management
  • B. Risk audit
  • C. Corrective action
  • D. Technical performance measurement

Answer: C

NEW QUESTION 16
Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A)? Each correct answer represents a complete solution. Choose all that apply.

  • A. NIST Special Publication 800-59
  • B. NIST Special Publication 800-60
  • C. NIST Special Publication 800-37A
  • D. NIST Special Publication 800-37
  • E. NIST Special Publication 800-53
  • F. NIST Special Publication 800-53A

Answer: ABDEF

NEW QUESTION 17
Which of the following memorandums directs the Departments and Agencies to post clear privacy policies on World Wide Web sites, and provides guidance for doing it?

  • A. OMB M-99-18
  • B. OMB M-00-13
  • C. OMB M-03-19
  • D. OMB M-00-07

Answer: A

NEW QUESTION 18
Which of the following characteristics are described by the DIAP Information Readiness Assessment function? Each correct answer represents a complete solution. Choose all that apply.

  • A. It performs vulnerability/threat analysis assessment.
  • B. It provides for entry and storage of individual system data.
  • C. It provides data needed to accurately assess IA readiness.
  • D. It identifies and generates IA requirements.

Answer: ACD
