[Free] 2017(July) Ensurepass Passguide ISC CAP Latest Dumps 21-30

Ensurepass
2017 July ISC Official New Released CAP Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/CAP.html

Certified Authorization Professional

QUESTION 21

Where can a project manager find risk-rating rules?

 

A.

Risk probability and impact matrix

B.

Organizational process assets

C.

Enterprise environmental factorsD. Risk management plan

 

Correct Answer: B

 

 

QUESTION 22

There are five inputs to the quantitative risk analysis process. Which one of the following isNOTan input to the perform quantitative risk analysis process?

 

A.

Risk register

B.

Cost management plan

C.

Risk management plan

D.

Enterprise environmental factors

 

Correct Answer: D

 

 

QUESTION 23

Your project has several risks that may cause serious financial impact should they happen.You have studied the risk events and made some potential risk responses for the risk events but management wants you to do more. They’d like for you to create some type of a chart that identified the risk probability and impact with a financialamount for each risk event. What is the likely outcome of creating this type of chart?

 

A.

Risk response plan

B.

Quantitative analysis

C.

Risk response

D.

Contingency reserve

 

Correct Answer: D

 

 

QUESTION 24

Which of the following professionals is responsible forstarting the Certification & Accreditation (C&A) process?

 

A.

Authorizing Official

B.

Chief Risk Officer (CRO)

C.

Chief Information Officer (CIO)

D.

Information system owner

 

Correct Answer: D

 

 

QUESTION 25

You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?

 

A.

Quantitative risk analysis

B.

Qualitative risk analysis

C.

Requested changes

D.

Risk audits

 

Correct Answer: C

 

 

QUESTION 26

Which of the following DoD directives is referred to as theDefense Automation Resources Management Manual?

 

A.

DoDD 8000.1

B.

DoD 7950.1-M

C.

DoD 5200.22-M

D.

DoD 8910.1

E.

DoD 5200.1-R

 

Correct Answer: B

 

 

QUESTION 27

The phase 3 of the Risk Management Framework (RMF) process is known as mitigation planning.Which of the following processes take place in phase 3? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Identify threats, vulnerabilities, and controls that will be evaluated.

B.

Document and implement a mitigation plan.

C.

Agree on a strategy to mitigate risks.

D.

Evaluate mitigation progress and plan next assessment.

 

Correct Answer: BCD

 

 

 

 

QUESTION 28

Gary is the project manager of his organization. He is managing a project that is similar to a project his organization completed recently. Gary has decided that he will use the information from the past project to help him and the project team to identify the risks that may be present in the project. Management agrees that this checklist approach is ideal and will save time in the project. Which of the following statement is most accurate about the limitations of the checklist analysis approach for Gary?

 

A.

The checklist analysis approach is fast but it is impossible to build and exhaustive checklist.

B.

The checklist analysis approach only uses qualitative analysis.

C.

The checklist analysis approach saves time, but can cost more.

D.

The checklist is also known as top down risk assessment

 

Correct Answer: A

 

 

QUESTION 29

What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Develop DIACAP strategy.

B.

Assign IA controls.

C.

Assemble DIACAP team.

D.

Initiate IA implementation plan.

E.

Register system with DoD Component IA Program.

F.

Conduct validation activity.

 

Correct Answer: ABCDE

 

 

QUESTION 30

Information risk management (IRM) is the process of identifying and assessing risk, reducing it to an acceptable level, and implementing the right mechanisms to maintain that level. What are the different categories of risk? Each correct answer represents a complete solution. Choose all that apply.

 

A.

System interaction

B.

Human interaction

C.

Equipment malfunction

D.

Inside and outside attacks

E.

Social status

F.

Physical damage

 

Correct Answer: BCDEF

100% Free Download!
—Download Free Demo:CAP Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass CAP Full Exam PDF and VCE Q&As:395
—Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE