CAP Free Practice Test

Which of the following roles is also known as the accreditor?

1. A. Chief Risk Officer
2. B. Data owner
3. C. Designated Approving Authority
4. D. Chief Information Officer

Correct Answer: C

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?

1. A. FITSAF
2. B. FIPS
3. C. TCSEC
4. D. SSAA

Correct Answer: D

Fred is the project manager of the PKL project. He is working with his project team to complete the quantitative risk analysis process as a part of risk management planning. Fred understands that once the quantitative risk analysis process is complete, the process will need to be completed again in at least two other times in the project. When will the quantitative risk analysis process need to be repeated?

1. A. Quantitative risk analysisprocess will be completed again after the plan risk response planning and as part of procurement.
2. B. Quantitative risk analysis process will be completed again after the cost managementplanning and as a part of monitoring and controlling.
3. C. Quantitativerisk analysis process will be completed again after new risks are identified and as part of monitoring and controlling.
4. D. Quantitative risk analysis process will be completed again after the risk response planning and as a part of monitoring and controlling.

Correct Answer: D

Which of the following statements is true about residual risks?

1. A. It is a weakness or lack of safeguard that can be exploited by a threat.
2. B. It can be considered as an indicator of threats coupled with vulnerability.
3. C. It is the probabilistic risk after implementing all security measures.
4. D. It is the probabilistic risk before implementing all security measures.

Correct Answer: C

Which of the following are the common roles with regard to data in an information classification program?
Each correct answer represents a complete solution. Choose all that apply.

1. A. Custodian
2. B. User
3. C. Security auditor
4. D. Editor
5. E. Owner

Correct Answer: ABCE