A security control for an information system that has not been designated as a common control or the portion of a hybrid control that is to be implemented within an informational system is referred to as a...
Response:

• A.Logical control
• B.Common control
• C.System Specific control
• D.Hybrid control

Comment: *

Name: *

Email: *

Verification: *

Wendy is about to perform qualitative risk analysis on the identified risks within her project. Which one of the following will NOT help Wendy to perform this project management activity?
Response:

• A.Stakeholder register
• B.Project scope statement
• C.Risk management plan
• D.Risk register

Comment: *

Name: *

Email: *

Verification: *

Which of the following is an example of a "something you are" authentication? Response:

• A.Biometrics
• B.Multi factor authentication
• C.Least privilege
• D.Least functionality

Comment: *

Name: *

Email: *

Verification: *

What RMF artifact establishes the scope of protection for an IS and encompass people, process, and info tech that are part of the system?

• A.Categorization
• B.System Boundary
• C.Authorize
• D.Response:
• E.Risk Management Framework

Comment: *

Name: *

Email: *

Verification: *

The security control assessor shall not be held liable to the System Owner for any and all liabilities, claims, or damages arising out of or relating to the security vulnerability testing portion of which greement?
Response:

• A.None of the above
• B.Interconnections agreement
• C.Plan of Action and milestones
• D.Rules of engagement

Comment: *

Name: *

Email: *

Verification: *