Question 1

Which of the following describes a residual risk as the risk remaining after a risk mitigation has occurred?

ASSAA

BISSO

CDAA

DDIACAP

Answer : B

Question 2

Which of the following certification levels requires the completion of the minimum security checklist

and more in-depth, independent analysis?

ACL 3

BCL 4

CCL 2

DCL 1

Answer : A

Question 3

Which of the following individuals reviews and approves project deliverables from a QA perspective?

AInformation systems security engineer

BSystem owner

CQuality assurance manager

DProject manager

Answer : C

Question 4

Which of the following memorandums reminds the departments and agencies of the OMB principles

for including and funding security as an element of agency information technology systems and

architectures and of the decision criteria which is used to evaluate security for information systems

investments?

AOMB M-00-13

BOMB M-99-18

COMB M-00-07

DOMB M-03-19

Answer : C

Question 5

Which of the following is a 1996 United States federal law, designed to improve the way the federal

government acquires, uses, and disposes information technology?

ALanham Act

BClinger-Cohen Act

CComputer Misuse Act

DPaperwork Reduction Act

Answer : B

Question 6

An Authorizing Official plays the role of an approver. What are the responsibilities of an Authorizing

Official? Each correct answer represents a complete solution. Choose all that apply.

AAscertaining the security posture of the organization's information system

BReviewing security status reports and critical security documents

CDetermining the requirement of reauthorization and reauthorizing information systems when
required

DEstablishing and implementing the organization's continuous monitoring program

Answer : A, B, C

Free Information Systems Security Engineering Professional Questions for ISC2 Information Systems Security Engineering Professional Exam as PDF & Practice Test Software