CISSP-ISSEP Free Practice Test

Which of the following DoD policies establishes IA controls for information systems according to the Mission Assurance Categories (MAC) and confidentiality levels

1. A. DoD 8500.1 Information Assurance (IA)
2. B. DoD 8500.2 Information Assurance Implementation
3. C. DoDI 5200.40
4. D. DoD 8510.1-M DITSCAP

Correct Answer: B

Which of the following are the phases of the Certification and Accreditation (C&A) process Each correct answer represents a complete solution. Choose two.

1. A. Auditing
2. B. Initiation
3. C. Continuous Monitoring
4. D. Detection

Correct Answer: BC

You work as a security engineer for BlueWell Inc. According to you, which of the following DITSCAPNIACAP model phases occurs at the initiation of the project, or at the initial C&A effort of a legacy system

1. A. Post Accreditation
2. B. Definition
3. C. Verification
4. D. Validation

Correct Answer: B

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting sensitive, unclassified information in the systems as stated in Section 2315 of Title 10, United States Code

1. A. Type I cryptography
2. B. Type II cryptography
3. C. Type III (E) cryptography
4. D. Type III cryptography

Correct Answer: B

Which of the following federal agencies provides a forum for the discussion of policy issues, sets national policy, and promulgates direction, operational procedures, and guidance for the security of national security systems

1. A. National Security AgencyCentral Security Service (NSACSS)
2. B. National Institute of Standards and Technology (NIST)
3. C. United States Congress
4. D. Committee on National Security Systems (CNSS)

Correct Answer: D