• Home
  • Articles
  • [Nov 19, 2021] CAP Dumps Full Questions - Exam Study Guide [Q183-Q205]

[Nov 19, 2021] CAP Dumps Full Questions - Exam Study Guide [Q183-Q205]

Share

[Nov 19, 2021] CAP Dumps Full Questions - Exam Study Guide

ISC Certification  Free Certification Exam Material from PassLeaderVCE with 395 Questions

NEW QUESTION 183
Which of the following is the acronym of RTM?

  • A. Resource tracking method
  • B. Requirements Testing Matrix
  • C. Resource timing method
  • D. Requirements Traceability Matrix

Answer: D

Explanation:
Section: Volume B

 

NEW QUESTION 184
Which of the following is NOT a phase of the security certification and accreditation process?

  • A. Maintenance
  • B. Security certification
  • C. Operation
  • D. Initiation

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 185
You are the project manager of the GHQ project for your company. You are working you're your project team to prepare for the qualitative risk analysis process. Mary, a project team member, does not understand why you need to complete qualitative risks analysis. You explain to Mary that qualitative risks analysis helps you determine which risks needs additional analysis. There are also some other benefits that qualitative risks analysis can do for the project. Which one of the following is NOT an accomplishment of the qualitative risk analysis process?

  • A. Prioritization of identified risk events based on probability and impact
  • B. Corresponding impact on project objectives
  • C. Time frame for a risk response
  • D. Cost of the risk impact if the risk event occurs

Answer: D

 

NEW QUESTION 186
Which one of the following is the only output for the qualitative risk analysis process?

  • A. Project management plan
  • B. Risk register updates
  • C. Enterprise environmental factors
  • D. Organizational process assets

Answer: B

 

NEW QUESTION 187
The Project Risk Management knowledge area focuses on which of the following processes?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Risk Monitoring and Control
  • B. Potential Risk Monitoring
  • C. Quantitative Risk Analysis
  • D. Risk Management Planning

Answer: A,C,D

Explanation:
Section: Volume B

 

NEW QUESTION 188
Courtney is the project manager for her organization. She is working with the project team to complete the qualitative risk analysis for her project. During the analysis Courtney encourages the project team to begin the grouping of identified risks by common causes. What is the primary advantage to group risks by common causes during qualitative risk analysis?

  • A. It helps the project team realize the areas of the project most laden with risks.
  • B. It saves time by collecting the related resources, such as project team members, to analyze the risk events.
  • C. It can lead to developing effective risk responses.
  • D. It can lead to the creation of risk categories unique to each project.

Answer: C

Explanation:
Section: Volume B

 

NEW QUESTION 189
You are the project manager of the GGH Project in your company. Your company is structured as a functional organization and you report to the functional manager that you are ready to move onto the quantitative risk analysis process. What things will you need as inputs for the quantitative risk analysis of the project in this scenario?

  • A. You will need the risk register, risk management plan, permission from the functional manager, and any relevant organizational process assets.
  • B. Quantitative risk analysis does not happen through the project manager in a functional stru cture.
  • C. You will need the risk register, risk management plan, cost management plan, schedule management plan, and any relevant organizational process assets.
  • D. You will need the risk register, risk management plan, outputs of qualitative risk analysis, and any relevant organizational process assets.

Answer: C

 

NEW QUESTION 190
Which of the following individuals is responsible for the final accreditation decision?

  • A. Certification Agent
  • B. Information System Owner
  • C. User Representative
  • D. Risk Executive

Answer: B

 

NEW QUESTION 191
Which of the following tasks are identified by the Plan of Action and Milestones document?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Scheduled completion dates for the milestones
  • B. The resources needed to accomplish the elements of the plan
  • C. Any milestones that are needed in meeting the tasks
  • D. The plans that need to be implemented
  • E. The tasks that are required to be accomplished

Answer: A,B,C,E

 

NEW QUESTION 192
In what portion of a project are risk and opportunities greatest and require intense planning and anticipation of risk events?

  • A. Closing
  • B. Planning
  • C. Executing
  • D. Initiating

Answer: D

Explanation:
Section: Volume D

 

NEW QUESTION 193
Which of the following are included in Physical Controls?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Monitoring for intrusion
  • B. Environmental controls
  • C. Identification and authentication methods
  • D. Password and resource management
  • E. Controlling individual access into the facility and different departments
  • F. Locking systems and removing unnecessary floppy or CD-ROM drives

Answer: A,B,E,F

 

NEW QUESTION 194
Gary is the project manager for his project. He and the project team have completed the qualitative risk analysis process and are about to enter the quantitative risk analysis process when Mary, the project sponsor, wants to know what quantitative risk analysis will review. Which of the following statements best defines what quantitative risk analysis will review?

  • A. The quantitative risk analysis process will review risk events for their probability and impact on the project objectives.
  • B. The quantitative risk analysis reviews the results of risk identification and prepares the project for risk response management.
  • C. The quantitative risk analysis seeks to determine the true cost of each identified risk event and the probability of each risk event to determine the risk exposure.
  • D. The quantitative risk analysis process will analyze the effect of risk events that may substantially impact the project's competing demands.

Answer: D

Explanation:
Section: Volume B

 

NEW QUESTION 195
Which of the following formulas was developed by FIPS 199 for categorization of an information system?

  • A. SC information system = {(confidentiality, risk), (integrity, impact), (availability, controls)}
  • B. SC information system = {(confidentiality, impact), (integrity, impact), (availability, impact)}
  • C. SC information system = {(confidentiality, controls), (integrity, controls), (availability, controls )}
  • D. SC information system = {(confidentiality, impact), (integrity, controls), (availability, risk)}

Answer: B

Explanation:
Section: Volume B

 

NEW QUESTION 196
Information Security management is a process of defining the security controls in order to protect information assets. What are the security management responsibilities?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Defining steps to ensure that all the responsibilities are accounted for and properly address ed
  • B. Determining actual goals that are expected to be accomplished from a security program
  • C. Evaluating business objectives, security risks, user productivity, and functionality requirem ents
  • D. Determining objectives, scope, policies, priorities, standards, and strategies

Answer: A,B,C,D

Explanation:
Section: Volume C

 

NEW QUESTION 197
What NIACAP certification levels are recommended by the certifier?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Basic System Review
  • B. Comprehensive Analysis
  • C. Detailed Analysis
  • D. Basic Security Review
  • E. Minimum Analysis
  • F. Maximum Analysis

Answer: B,C,D,E

 

NEW QUESTION 198
The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. What are the different types of NIACAP accreditation?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Site accreditation
  • B. Type accreditation
  • C. System accreditation
  • D. Secure accreditation

Answer: A,B,C

Explanation:
Section: Volume C

 

NEW QUESTION 199
What does RTM stand for?

  • A. Resource Tracking Matrix
  • B. Replaced Traceability Matrix
  • C. Resource Testing Method
  • D. Requirements Traceability Matrix

Answer: D

 

NEW QUESTION 200
Neil works as a project manager for SoftTech Inc. He is working with Tom, the COO of his company, on several risks within the project. Tom understands that through qualitative analysis Neil has identified many risks in the project. Tom's concern, however, is that the priority list of these risk events are sorted in "high-risk," "moderate-risk," and "low-risk" as conditions apply within the project. Tom wants to know that is there any other objective on which Neil can make the priority list for project risks. What will be Neil's reply to Tom?

  • A. Risks may be listed by categories
  • B. Risk may be listed by the responses inthe near-term
  • C. Risks may be listed by the additional analysis and response
  • D. Risks may be listed by priority separately for schedule, cost, and performance

Answer: D

 

NEW QUESTION 201
Walter is the project manager of a large construction project. He'll be working with several vendors on the project. Vendors will be providing materials and labor for several parts of the project. Some of the works in the project are very dangerous so Walter has implemented safety requirements for all of the vendors and his own project team. Stakeholders for the project have added new requirements, which have caused new risks in the project. A vendor has identified a new risk that could affect the project if it comes into fruition. Walter agrees with the vendor and has updated the risk register and created potential risk responses to mitigate the risk. What should Walter also update in this scenario considering the risk event?

  • A. Project contractual relationship with the vendor
  • B. Project communications plan
  • C. Project management plan
  • D. Project scope statement

Answer: C

 

NEW QUESTION 202
You are the project manager of the CUL project in your organization. You and the project team are assessing the risk events and creating a probability and impact matrix for the identified risks.
Which one of the following statements best describes the requirements for the data type used in qualitative risk analysis?

  • A. A qualitative risk analysis encourages biased data to reveal risk tolerances.
  • B. A qualitative risk analysis required unbiased stakeholders with biased risk tolerances.
  • C. A qualitative risk analysis requires accurate and unbiased data if it is to be credible.
  • D. A qualitative risk analysis requires fast and simple data to complete the analysis.

Answer: C

 

NEW QUESTION 203
Which of the following objectives are defined by integrity in the C.I.A triad of information security systems?
Each correct answer represents a part of the solution. Choose three.

  • A. It prevents the modification of information by the unauthorized users.
  • B. It preserves the internal and external consistency of information.
  • C. It prevents the intentional or unintentional unauthorized disclosure of a message's contents .
  • D. It prevents the unauthorized or unintentional modification of information by the authorized users.

Answer: A,B,D

 

NEW QUESTION 204
You work as a project manager for BlueWell Inc. You are currently working with the project stakeholders to identify risks in your project. You understand that the qualitative risk assessment and analysis can reflect the attitude of the project team and other stakeholders to risk. Effective assessment of risk requires management of the risk attitudes of the participants. What should you, the project manager, do with assessment of identified risks in consideration of the attitude and bias of the participants towards the project risk?

  • A. Evaluate the bias towards the risk events and correct the assessment accordingly
  • B. Evaluate and document the bias towards the risk events
  • C. Document the bias for the risk events and communicate the bias with management
  • D. Evaluate the bias through SWOT for true analysis of the risk events

Answer: A

Explanation:
Section: Volume A

 

NEW QUESTION 205
......

Dumps Brief Outline Of The CAP Exam: https://www.passleadervce.com/ISCCertification/reliable-CAP-exam-learning-guide.html

Use Real CAP - 100% Cover Real Exam Questions: https://drive.google.com/open?id=11i96pWzruKlHNnaDhowO8dbnwQRsdO0k

Related Articles

more
The SecOps Group CAP Certification Practice Exam