CAP Free Practice Test

Which of the following processes has the goal to ensure that any change does not lead to reduced or compromised security?

1. A. Risk management
2. B. Security management
3. C. Configuration management
4. D. Changecontrol management

Correct Answer: D

You are the project manager for the NHH project. You are working with your project team to examine the project from four different defined perspectives to increase the breadth of identified risks by including internally generated risks. What risk identification approach are you using in this example?

1. A. SWOT analysis
2. B. Root cause analysis
3. C. Assumptions analysis
4. D. Influence diagramming techniques

Correct Answer: A

Which of the following classification levels defines the information that, if disclosed to the unauthorized parties, could be reasonably expected to cause exceptionally grave damage to the national security?

1. A. Secret information
2. B. Top Secret information
3. C. Confidential information
4. D. Unclassified information

Correct Answer: B

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems. Which of the following FITSAF levels shows that the procedures and controls have been implemented?

1. A. Level 2
2. B. Level 3
3. C. Level 5
4. D. Level 4
5. E. Level 1

Correct Answer: B

Which of the following is not a part of Identify Risks process?

1. A. Decision tree diagram
2. B. Cause and effect diagram
3. C. Influence diagram
4. D. System or process flow chart

Correct Answer: A