CAP Exam (Certified Authorization Professional) Questions & Answers
Name the set of specifications used to standardize the communication of software and security configurations - ANSWER: SCAP
Assessment findings are expressed as one of which two options - ANSWER: Satisfactory/Other
Which assessment objectives are specific hardware, software, or firmware safeguards/countermeasures employed w/in an information system? - ANSWER: Specifications
Which assessment method is the process of exercising one or more assessment objects (i.e., activities or mechanisms) under specified conditions to compare actual with expected behavior? - ANSWER: Test
Security assessments are typically carried out during which of the following stages of the system development lifecycle? - ANSWER: Initiation, Development/Acquisition, Implementation, Operations and Maintenance
This standard specifies minimum security requirements for federal information and information systems in seventeen security related areas. - ANSWER: FIPS 200
Security controls are organized by ____________ and ___________. - ANSWER: Class/Family
Which NIST Special Publication provides guidance for protecting PII. - ANSWER: SP 800-122
44 United States Code Section 3542(b)(2) defines - ANSWER: National Security Systems
According to FIPS 199 a limited adverse effect means that the loss of confidentiality, integrity or availability might: - ANSWER: Cause degradation in mission capability to an extent and duration that the organization is able to perform its primary functions but the effectiveness of the functions is noticeably reduced
The application of the security controls defined in NIST Special Publication 800-53 required by this standard represents the current state-of-the-practice safeguards and countermeasures for information systems. - ANSWER: FIPS 200
How often will the security controls be reviewed by NIST and if necessary revised and extended? - ANSWER: After a significant change
Which minimum security requirement, defined in FIPS 200, requires Organizations to limit physical access to information systems, equipment and the respective operating environments to authorized individuals? - ANSWER: Physical and Environmental Protection
Which minimum security requirement, defined in FIPS 200, requires Organizations to ensure that individuals occupying positions of responsibility within organizations (including third party service providers) are trustworthy and meet established security criteria for those positions? - ANSWER: Personnel Security
Compliance schedules for NIST security standards and guidelines are established by what agency? - ANSWER: OMB
Name the working Group with representatives from the Civil, Defense, and Intelligence Communities, engaged in an ongoing effort to produce a unified information security framework for the federal government including a consistent process for selecting and specifying safeguards and countermeasures (i.e. security controls) for federal information systems. - ANSWER: Joint Task Force Transformation Initiative
This document provides implementing guidance for NIST Special Publication 800-53 for national security systems: - ANSWER: CNSS 1253
While the FIPS 199 security categorization associates the operation of the information system with the
potential adverse impact on organizational operations and assets, individuals, other organizations and
the Nation, the incorporation of refined threat and vulnerability information during the risk assessment
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Bensuda. Stuvia facilitates payment to the seller.