Finding Avant-garde CAP pack

Act now and download your ISC2 CAP test today! Do not waste time for the worthless ISC2 CAP tutorials. Download Most recent ISC2 ISC2 CAP Certified Authorization Professional exam with real questions and answers and begin to learn ISC2 CAP with a classic professional.

Q31. Which of the following assessment methods is used to review, inspect, and analyze assessment objects?

A. Testing

B. Examination

C. Interview

D. Debugging

Answer: B


Q32. You are the project manager for GHY Project and are working to create a risk response for a negative risk. You and the project team have identified the risk that the project may not complete on time, as required by the management, due to the creation of the user guide for the software you're creating. You have elected to hire an external writer in order to satisfy the requirements and to alleviate the risk event. What type of risk response have you elected to use in this instance?

A. Sharing

B. Avoidance

C. Transference

D. Exploiting

Answer: C


Q33. Adrian is the project manager of the NHP Project. In her project there are several work packages that deal with electrical wiring. Rather than to manage the risk internally she has decided to hire a vendor to complete all work packages that deal with the electrical wiring. By removing the risk internally to a licensed electrician Adrian feels more comfortable with project team being safe.

What type of risk response has Adrian used in this example?

A. Mitigation

B. Transference

C. Avoidance

D. Acceptance

Answer: B


Q34. Which of the following acts is used to recognize the importance of information security to the economic and national security interests of the United States?

A. Computer Fraud and Abuse Act

B. FISMA

C. Lanham Act

D. Computer Misuse Act

Answer: B


Q35. Which of the following approaches can be used to build a security program?

Each correct answer represents a complete solution. Choose all that apply.

A. Bottom-Up Approach

B. Right-Up Approach

C. Top-Down Approach

D. Left-Up Approach

Answer: AC


Q36. To help review or design security controls, they can be classified by several criteria. One of these criteria is based on time. According to this criteria, which of the following controls are intended to prevent an incident from occurring?

A. Adaptive controls

B. Preventive controls

C. Detective controls

D. Corrective controls

Answer: B


Q37. There are seven risks responses that a project manager can choose from. Which risk response is appropriate for both positive and negative risk events?

A. Acceptance

B. Mitigation

C. Sharing

D. Transference

Answer: A


Q38. You are the project manager for your company and a new change request has been approved for your project. This change request, however, has introduced several new risks to the project. You have communicated these risk events and the project stakeholders understand the possible effects these risks could have on your project. You elect to create a mitigation response for the identified risk events. Where will you record the mitigation response?

A. Project management plan

B. Risk management plan

C. Risk log

D. Risk register

Answer: D


Q39. Adrian is a project manager for a new project using a technology that has recently been released and there's relatively little information about the technology. Initial testing of the technology makes the use of it look promising, but there's still uncertainty as to the longevity and reliability of the technology. Adrian wants to consider the technology factors a risk for her project. Where should she document the risks associated with this technology so she can track the risk status and responses?

A. Project charter

B. Risk register

C. Project scope statement

D. Risk low-level watch list

Answer: B


Q40. Wendy is about to perform qualitative risk analysis on the identified risks within her project. Which one of the following will NOT help Wendy to perform this project management activity?

A. Stakeholder register

B. Risk register

C. Project scope statement

D. Risk management plan

Answer: A