ISSEP Free Practice Test

Which of the following Net-Centric Data Strategy goals are required to increase enterprise and community data over private user and system data Each correct answer represents a complete solution. Choose all that apply.

1. A. Understandability
2. B. Visibility
3. C. Interoperability
4. D. Accessibility

Correct Answer: BD

According to U.S. Department of Defense (DoD) Instruction 8500.2, there are eight Information Assurance (IA) areas, and the controls are referred to as IA controls. Which of the following are among the eight areas of IA defined by DoD Each correct answer represents a complete solution. Choose all that apply.

1. A. DC Security Design & Configuration
2. B. EC Enclave and Computing Environment
3. C. VI Vulnerability and Incident Management
4. D. Information systems acquisition, development, and maintenance

Correct Answer: ABC

Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting sensitive, unclassified information in the systems as stated in Section 2315 of Title 10, United States Code

1. A. Type I cryptography
2. B. Type II cryptography
3. C. Type III (E) cryptography
4. D. Type III cryptography

Correct Answer: B

The functional analysis process is used for translating system requirements into detailed function criteria. Which of the following are the elements of functional analysis process Each correct answer represents a complete solution. Choose all that apply.

1. A. Model possible overall system behaviors that are needed to achieve the system requirements.
2. B. Develop concepts and alternatives that are not technology or component bound.
3. C. Decompose functional requirements into discrete tasks or activities, the focus is still on technology not functions or components.
4. D. Use a top-down with some bottom-up approach verification.

Correct Answer: ABD

Which of the following terms describes the security of an information system against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users or the provision of service to unauthorized users

1. A. Information Assurance (IA)
2. B. Information Systems Security Engineering (ISSE)
3. C. Information Protection Policy (IPP)
4. D. Information systems security (InfoSec)

Correct Answer: D