Pass CAP Exam - Real Test Engine PDF with 395 Questions [Q234-Q251]

4/5 - (1 vote)

Pass CAP Exam – Real Test Engine PDF with 395 Questions

Get New CAP Certification Practice Test Questions Exam Dumps

NEW QUESTION 234
You work as a project manager for BlueWell Inc. You are preparing to plan risk responses for your project with your team. How many risk response types are available for a negative risk event in the project?

Seven

Three

Four

One

NEW QUESTION 235
Risks with low ratings of probability and impact are included on a ____ for future monitoring.

Watchlist

Risk alarm

Observation list

Risk register

NEW QUESTION 236
Which of the following governance bodies directs and coordinates implementations of the information security program?

Information Security Steering Committee

Senior Management

Business Unit Manager

Chief Information Security Officer

NEW QUESTION 237
The Software Configuration Management (SCM) process defines the need to trace changes, and the ability to verify that the final delivered software has all of the planned enhancements that are supposed to be included in the release. What are the procedures that must be defined for each software project to ensure that a sound SCM process is implemented?
Each correct answer represents a complete solution. Choose all that apply.

Configuration status accounting

Configuration change control

Configuration deployment

Configuration audits

Configuration identification

Configuration implementation

NEW QUESTION 238
You are the project manager of the BlueStar project in your company. Your company is structured as a functional organization and you report to the functional manager that you are ready to move onto the qualitative risk analysis process. What will you need as inputs for the qualitative risk analysis of the project in this scenario?

You will need the risk register, risk management plan, project scope statement, and any relevant organizational process assets.

You will need the risk register, risk management plan, outputs of qualitative risk analysis, and any relevant organizational process assets.

You will need the risk register, risk management plan, permission from the functional manager, and any relevant organizational process assets.

Qualitative risk analysis does not happen through the project manager in a functional struc ture.

NEW QUESTION 239
Which of the following professionals is responsible for starting the Certification & Accreditation (C&A) process?

Authorizing Official

Chief Risk Officer (CRO)

Chief Information Officer (CIO)

Information system owner

NEW QUESTION 240
Diane is the project manager of the HGF Project. A risk that has been identified and analyzed in the project planning processes is now coming into fruition. What individual should respond to the risk with the preplanned risk response?

Diane

Risk owner

Subject matter expert

Project sponsor

NEW QUESTION 241
Which of the following statements about Discretionary Access Control List (DACL) is true?

It is a rule list containing access control entries.

It specifies whether an audit activity should be performed when an object attempts to access a resource.

It is a unique number that identifies a user, group,and computer account.

It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.

NEW QUESTION 242
Which of the following RMF phases identifies key threats and vulnerabilities that could compromise the confidentiality, integrity, and availability of the institutional critical assets?

Phase 2

Phase 1

Phase 3

Phase 0

NEW QUESTION 243
Which of the following risk responses delineates that the project plan will not be changed to deal with the risk?

Acceptance

Mitigation

Exploitation

Transference

NEW QUESTION 244
Which of the following statements about System Access Control List (SACL) is true?

It contains a list of any events that are set to audit for that particular object.

It is a mechanism for reducing the need for globally unique IP addresses.

It contains a list of both users and groups and whatever permissions they have.

It exists for each and every permission entry assigned to any object.

NEW QUESTION 245
The Phase 4 of DITSCAP C&A is known as Post Accreditation. This phase starts after the system has been accredited in Phase 3. What are the process activities of this phase?
Each correct answer represents a complete solution. Choose all that apply.

Maintenance of the SSAA

Compliance validation

Change management

System operations

Security operations

Continue to review and refine the SSAA

NEW QUESTION 246
You are the project manager for your organization. You are preparing for the quantitative risk analysis. Mark, a project team member, wants to know why you need to do quantitative risk analysis when you just completed qualitative risk analysis. Which one of the following statements best defines what quantitative risk analysis is?

Quantitative risk analysis is the planning and quantification of risk responses based on probability and impact of each risk event.

Quantitative risk analysis is the process of prioritizing risks for further analysis or action by assessing and combining their probability of occurrence and impact.

Quantitative risk analysis is the review of the risk events with the high probability and the highest impact on the project objectives.

Quantitative risk analysis is the process of numerically analyzing the effect of identified risks on overall project objectives.

NEW QUESTION 247
Harry is a project manager of a software development project. In the early stages of planning, he and the stakeholders operated with the belief that the software they were developing would work with their organization’s current computer operating system. Now that the project team has started developing the software it has become apparent that the software will not work with nearly half of the organization’s computer operating systems. The incorrect belief Harry had in the software compatibility is an example of what in project management?

Assumption

Issue

Risk

Constraint

NEW QUESTION 248
Wendy is about to perform qualitative risk analysis on the identified risks within her project. Which one of the following will NOT help Wendy to perform this project management activity?

Stakeholder register

Risk register

Project scope statement

Risk management plan

NEW QUESTION 249
Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production?
Each correct answer represents a part of the solution. Choose all that apply.

NIST

FIPS

Office of Management and Budget (OMB)

FISMA

NEW QUESTION 250
Which of the following individuals makes the final accreditation decision?

ISSE

DAA

CRO

ISSO

NEW QUESTION 251
System Authorization is the risk management process. System Authorization Plan (SAP) is a comprehensive and uniform approach to the System Authorization Process. What are the different phases of System Authorization Plan?
Each correct answer represents a part of the solution. Choose all that apply.

Pre-certification

Certification

Post-certification

Authorization

Post-Authorization

CAP Exam Dumps – PDF Questions and Testing Engine: https://www.prepawaypdf.com/ISC/CAP-practice-exam-dumps.html

Pass CAP Exam – Real Test Engine PDF with 395 Questions [Q234-Q251]

admin

Leave a Reply Cancel reply

Related posts:

admin

You might also like

Leave a Reply Cancel reply