What Does CAP answers Mean?

Want to know Actualtests CAP Exam practice test features? Want to learn more about the ISC2 CAP Certified Authorization Professional certification experience? Study Top Quality ISC2 CAP answers to Far out CAP questions at Actualtests. Get a success with an absolute guarantee to pass ISC2 CAP (ISC2 CAP Certified Authorization Professional) test on your first attempt.

Q181. Which of the following tasks are identified by the Plan of Action and Milestones document?

Each correct answer represents a complete solution. Choose all that apply.

A. The plans that need to be implemented

B. The resources needed to accomplish the elements of the plan

C. Any milestones that are needed in meeting the tasks

D. The tasks that are required to be accomplished

E. Scheduled completion dates for the milestones

Answer: BCDE


Q182. Numerous information security standards promote good security practices and define frameworks or systems to structure the analysis and design for managing information security controls. Which of the following are the international information security standards?

Each correct answer represents a complete solution. Choose all that apply.

A. Human resources security

B. Organization of information security

C. Risk assessment and treatment

D. AU audit and accountability

Answer: ABC


Q183. Fred is the project manager of the PKL project. He is working with his project team to complete the quantitative risk analysis process as a part of risk management planning. Fred understands that once the quantitative risk analysis process is complete, the process will need to be completed again at least two other times in the project. When will the quantitative risk analysis process need to be repeated?

A. Quantitative risk analysis process will be completed again after the plan risk response planning and as part of procurement.

B. Quantitative risk analysis process will be completed again after the cost management planning and as a part of monitoring and controlling.

C. Quantitative risk analysis process will be completed again after new risks are identified and as part of monitoring and controlling.

D. Quantitative risk analysis process will be completed again after the risk response planning and as a part of monitoring and controlling.

Answer: D


Q184. Beth is the project manager of the BFG Project for her company. In this project Beth has decided to create a contingency response based on the performance of the project schedule. If the project schedule variance is greater than $10,000 the contingency plan will be implemented. What is the formula for the schedule variance?

A. SV=EV-PV

B. SV=EV/AC

C. SV=PV-EV

D. SV=EV/PV

Answer: A


Q185. James works as an IT systems personnel in SoftTech Inc. He performs the following tasks:

Runs regular backups and routine tests of the validity of the backup data.

Performs data restoration from the backups whenever required.

Maintains the retained records in accordance with the established information classification policy.

What is the role played by James in the organization?

A. Manager

B. User

C. Owner

D. Custodian

Answer: D


Q186. You work as a project manager for BlueWell Inc. You are working with Nancy, the COO of your company, on several risks within the project. Nancy understands that through qualitative analysis you have identified 80 risks that have a low probability and low impact as the project is currently planned. Nancy's concern, however, is that the impact and probability of these risk events may change as conditions within the project change. She would like to know where you will document and record these 80 risks that have low probability and low impact for future reference.

What should you tell Nancy?

A. Risk identification is an iterative process so any changes to the low probability and low impact risks will be reassessed throughout the project life cycle.

B. Risks with low probability and low impact are recorded in a watchlist for future monitoring.

C. All risks, regardless of their assessed impact and probability, are recorded in the risk log.

D. All risks are recorded in the risk management plan.

Answer: B


Q187. There are seven risk responses for any project. Which one of the following is a valid risk response for a negative risk event?

A. Exploit

B. Share

C. Enhance

D. Acceptance

Answer: D


Q188. Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?

A. Parkerian Hexad

B. Capability Maturity Model (CMM)

C. Classic information security model

D. Five Pillars model

Answer: D


Q189. An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?

A. Network security policy

B. User password policy

C. Backup policy

D. Privacy policy

Answer: D


Q190. Information Security management is a process of defining the security controls in order to protect information assets. What are the security management responsibilities?

Each correct answer represents a complete solution. Choose all that apply.

A. Evaluating business objectives, security risks, user productivity, and functionality requirements

B. Determining actual goals that are expected to be accomplished from a security program

C. Defining steps to ensure that all the responsibilities are accounted for and properly addressed

D. Determining objectives, scope, policies, priorities, standards, and strategies

Answer: ABCD