What Does CAP exam cram Mean?

Q191. ISO 17799 has two parts. The first part is an implementation guide with guidelines on how to build a comprehensive information security infrastructure and the second part is an auditing guide based on requirements that must be met for an organization to be deemed compliant with ISO 17799. What are the ISO 17799 domains?

Each correct answer represents a complete solution. Choose all that apply.

A. Information security policy for the organization

B. System architecture management

C. Business continuity management

D. System development and maintenance

E. Personnel security

Answer: ACDE

Q192. Which of the following statements reflect the 'Code of Ethics Canons' in the '(ISC)2 Code of Ethics'?

Each correct answer represents a complete solution. Choose all that apply.

A. Protect society, the commonwealth, and the infrastructure.

B. Act honorably, honestly, justly, responsibly, and legally.

C. Provide diligent and competent service to principals.

D. Give guidance for resolving good versus good and bad versus bad dilemmas.

Answer: ABC

Q193. Which of the following guidance documents is useful in determining the impact level of a particular threat on agency systems?

A. NIST SP 800-41

B. NIST SP 800-37

C. FIPS 199

D. NIST SP 800-14

Answer: C

Q194. Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management?

A. Lanham Act


C. Clinger-Cohen Act

D. Computer Misuse Act

Answer: B

Q195. John is the project manager of the NHQ Project for his company. His project has 75 stakeholders, some of which are external to the organization. John needs to make certain that he communicates about risk in the most appropriate method for the external stakeholders. Which project management plan will be the best guide for John to communicate to the external stakeholders?

A. Risk Response Plan

B. Risk Management Plan

C. Project Management Plan

D. Communications Management Plan

Answer: D

Q196. You are the project manager for the TTP project. You are in the Identify Risks process. You have to create the risk register. Which of the following are included in the risk register?

Each correct answer represents a complete solution. Choose two.

A. List of potential responses

B. List of identified risks

C. List of mitigation techniques

D. List of key stakeholders

Answer: AB

Q197. What approach can a project manager use to improve the project's performance during qualitative risk analysis?

A. Create a risk breakdown structure and delegate the risk analysis to the appropriate project team members.

B. Focus on high-priority risks.

C. Focus on near-term risks first.

D. Analyze as many risks as possible regardless of who initiated the risk event.

Answer: B

Q198. Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

A. Business continuity plan

B. Continuity of Operations Plan

C. Disaster recovery plan

D. Contingency plan

Answer: D

Q199. Which of the following processes is described in the statement below?

"This is the process of numerically analyzing the effect of identified risks on overall project objectives."

A. Identify Risks

B. Perform Quantitative Risk Analysis

C. Perform Qualitative Risk Analysis

D. Monitor and Control Risks

Answer: B

Q200. Which of the following describes residual risk as the risk remaining after risk mitigation has occurred?





Answer: A