ISSEP - SSE Process - Final Questions and Correct Answers, the Latest Update
SSE Process
✓ - Discover Information Protection Needs
✓ - Define System Security Requirements
✓ - Design System Security Architecture
✓ - Develop Detailed Security Design
✓ - Implement System Security
✓ - Assess Information Protection Effectiveness
Information Management Needs Model
✓ - model defines processes, information being processed, and the users of the information and processes
✓ - decomposes user roles, processes and information
✓ - utilizes least privilege rules
✓ - should also include the requirements of any information management policies, regulations, and agreements that apply to the information being managed.
✓ - main components are information domains
Information Domains comprise
✓ - Users or members
✓ - rules, privileges, roles, and responsibilities that apply to ALL users
✓ - Information objects being managed, including processes
✓ Thank You for Choosing Us! ✓ Resources & Updates: [Testtrackers - Stuvia US]
✓ © 2024 TestTrackers ✓ Your Success is Our Mission!
✓ Customer Support: [+254707240657]
, TestTrackers: Unlock Your Exam Potential! | Quality Practice Materials | Boost Your Confidence Today!
SSE Discover Information Protection Needs
✓ - Develop understanding of customer's mission or business
✓ - Help customer determine what information management is needed to support business
✓ - Create a model of information management
✓ - Document the results
✓ - Support C&A
✓ - determine threats to information
MNS
✓ Mission Needs Statement
SSE Step 1 summarization documents
✓ MNS
✓ high-level CONOPS
IMM
✓ Information Management Model
✓
✓ - very detailed representation of information needs
✓ - Collection of information domains
✓ - the SSE may support the SE in developing IMM
✓ - Each information domain is assigned an HTI & PHE
✓
✓ consists of:
✓ users
✓ processes
✓ information
✓
✓ * a complex model is technical data for systems people and should not be used to brief customers
✓
✓ an initial model of the eventual information system, embodying the concept of least privilege
✓ - baseline for threat analysis
✓ - baseline for security services
Upon completion of IMM, we can
✓ - use the knowledge to identify applicable protection policies, security regulations, directives, laws, etc.
✓ - such as NSA docs & C&A procedures
HTI
✓ Harm to Information (Impact)
✓
✓ - considers the value of information and degree of harm if information was compromised
✓ - helps the customer identify the most to least valuable information and types of harm that would result if it were exploited
✓
✓ None, Mild, Significant, Serious
PHE
✓ Potentially Harmful Events
✓ (Likelihood of a threat executing)
✓
✓ - considers the existence of malicious adversaries, their degree of motivation, and the potential for accidents or natural disasters.
✓
✓ None, Low, Medium, High (for CIA, Repudiation)
HTI & PHE are combined to produce
✓ a single threat metric, such as 0,1,2,3.
✓ - it is up to the customer to determine the metrics
SSE Discover needs documentation