
Use Real CAP - 100% Cover Real Exam Questions [Sep-2021]
Dumps Brief Outline Of The CAP Exam - Free4Torrent
NEW QUESTION 190
The Phase 3 of DITSCAP C&A is known as Validation. The goal of Phase 3 is to validate that the preceding work has produced an IS that operates in a specified computing environment. What are the process activities of this phase?
Each correct answer represents a complete solution. Choose all that apply.
- A. Certification and accreditation decision
- B. Perform certification evaluation of the integrated system
- C. Develop recommendation to the DAA
- D. System development
- E. Continue to review and refine the SSAA
Answer: A,B,C,E
NEW QUESTION 191
You are the project manager of the HJK Project for your organization. You and the project team have created risk responses for many of the risk events in the project. Where should you document the proposed responses and the current status of all identified risks?
- A. Lessons learned documentation
- B. Risk management plan
- C. Risk register
- D. Stakeholder management strategy
Answer: C
NEW QUESTION 192
Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non- repudiation?
- A. Parkerian Hexad
- B. Classic information security model
- C. Capability Maturity Model (CMM)
- D. Five Pillars model
Answer: D
NEW QUESTION 193
Your project uses a piece of equipment that if the temperature of the machine goes above 450 degree Fahrenheit the machine will overheat and have to be shut down for 48 hours. Should this machine overheat even once it will delay the project's end date. You work with your project to create a response that should the temperature of the machine reach 430, the machine will be paused for at least an hour to cool it down. The temperature of 430 is called what?
- A. Risk response
- B. Risk trigger
- C. Risk event
- D. Risk identification
Answer: B
NEW QUESTION 194
Information Security management is a process of defining the security controls in order to protect information assets. The first action of a management program to implement information security is to have a security program in place. What are the objectives of a security program?
Each correct answer represents a complete solution. Choose all that apply.
- A. Security organization
- B. Security education
- C. Information classification
- D. System classification
Answer: A,B,C
NEW QUESTION 195
A ________ points to a statement in a policy or procedure that helps determine a course of action.
- A. Guideline
- B. Baseline
- C. Comment
- D. Procedure
Answer: A
NEW QUESTION 196
You work as a project manager for BlueWell Inc. Management has asked you to work with the key project stakeholder to analyze the risk events you have identified in the project. They would like you to analyze the project risks with a goal of improving the project's performance as a whole.
What approach can you use to achieve the goal of improving the project's performance through risk analysis with your project stakeholders?
- A. Focus on the high-priority risks through qualitative risk analysis
- B. Involve subject matter experts in the risk analysis activities
- C. Use qualitative risk analysis to quickly assess the probability and impact of risk events
- D. Involve the stakeholders for risk identification only in the phases where the project directly affects them
Answer: A
NEW QUESTION 197
Ben is the project manager of the YHT Project for his company. Alice, one of his team members, is confused about when project risks will happen in the project. Which one of the following statements is the most accurate about when project risk happens?
- A. Project risk can happen at any moment.
- B. Project risk is always in the future.
- C. Project risk is uncertain, so no one can predict when the event will happen.
- D. Project risk happens throughout the project execution.
Answer: B
NEW QUESTION 198
You are preparing to complete the quantitative risk analysis process with your project team and several subject matter experts. You gather the necessary inputs including the project's cost management plan. Why is it necessary to include the project's cost management plan in the preparation for the quantitative risk analysis process?
- A. The project's cost management plan provides direction on how costs may be changed due to identified risks.
- B. The project's cost management plan is not an input to the quantitative risk analysis process .
- C. The project's cost management plan can help you to determine what the total cost of the project is allowed to be.
- D. The project's cost management plan provides control that may help determine the structure for quantitative analysis of the budget.
Answer: D
NEW QUESTION 199
The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this phase?
Each correct answer represents a complete solution. Choose all that apply.
- A. Assessment of the Analysis Results
- B. Certification analysis
- C. Configuring refinement of the SSAA
- D. Registration
- E. System development
Answer: A,B,C,E
Explanation:
Section: Volume A
NEW QUESTION 200
Which of the following risk responses delineates that the project plan will not be changed to deal with the risk?
- A. Mitigation
- B. Exploitation
- C. Transference
- D. Acceptance
Answer: D
Explanation:
Section: Volume C
NEW QUESTION 201
Which of the following is a temporary approval to operate based on an assessment of the implementation status of the assigned IA Controls?
- A. ATO
- B. IATO
- C. DATO
- D. IATT
Answer: B
NEW QUESTION 202
You are the project manager for a construction project. The project includes a work that involves very high financial risks. You decide to insure processes so that any ill happening can be compensated. Which type of strategies have you used to deal with the risks involved with that particular work?
- A. Transfer
- B. Mitigate
- C. Accept
- D. Avoid
Answer: A
NEW QUESTION 203
Thomas is a key stakeholder in your project. Thomas has requested several changes to the project scope for the project you are managing. Upon review of the proposed changes, you have discovered that these new requirements are laden with risks and you recommend to the change control board that the changes be excluded from the project scope. The change control board agrees with you. What component of the change control system communicates the approval or denial of a proposed change request?
- A. Change log
- B. Integrated change control
- C. Configuration management system
- D. Scope change control system
Answer: B
Explanation:
Section: Volume A
NEW QUESTION 204
Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A)?
Each correct answer represents a complete solution. Choose all that apply.
- A. NIST Special Publication 800-53
- B. NIST Special Publication 800-37A
- C. NIST Special Publication 800-53A
- D. NIST Special Publication 800-59
- E. NIST Special Publication 800-37
- F. NIST Special Publication 800-60
Answer: A,C,D,E,F
NEW QUESTION 205
You are the project manager of the GHY project for your organization. You are working with your project team to begin identifying risks for the project. As part of your preparation for identifying the risks within the project you will need eleven inputs for the process. Which one of the following is NOT an input to the risk identification process?
- A. Quality management plan
- B. Procurement management plan
- C. Stakeholder register
- D. Cost management plan
Answer: B
NEW QUESTION 206
In which of the following phases does the SSAA maintenance take place?
- A. Phase 4
- B. Phase 3
- C. Phase 2
- D. Phase 1
Answer: A
NEW QUESTION 207
......
Certification Training for CAP Exam Dumps Test Engine: https://www.free4torrent.com/CAP-braindumps-torrent.html
CAP Training & Certification Get Latest ISC Certification : https://drive.google.com/open?id=1699YlnUob1G9nDDNG6wyTcs6x6N74mDk