ISSEP Free Practice Test

Which of the following NIST documents describes that minimizing negative impact on an organization and a need for sound basis in decision making are the fundamental reasons organizations implement a risk management process for their IT systems

1. A. NIST SP 800-37
2. B. NIST SP 800-30
3. C. NIST SP 800-53
4. D. NIST SP 800-60

Correct Answer: B

Which of the following agencies provides command and control capabilities and enterprise infrastructure to continuously operate and assure a global net-centric enterprise in direct support to joint warfighters, National level leaders, and other mission and coalition partners
across the full spectrum of operations

1. A. DARPA
2. B. DTIC
3. C. DISA
4. D. DIAP

Correct Answer: C

Which of the following types of CNSS issuances establishes or describes policy and
programs, provides authority, or assigns responsibilities

1. A. Instructions
2. B. Directives
3. C. Policies
4. D. Advisory memoranda

Correct Answer: B

The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. Which of the following participants are required in a NIACAP security assessment Each correct answer represents a part of the solution. Choose all that apply.

1. A. Information Assurance Manager
2. B. Designated Approving Authority
3. C. Certification agent
4. D. IS program manager
5. E. User representative

Correct Answer: BCDE

Which of the following is NOT an objective of the security program

1. A. Security education
2. B. Information classification
3. C. Security organization
4. D. Security plan

Correct Answer: D