ISC2 CAP Exam Prep || with 100% Error-free Answers.
In FIPS 199, a loss of Confidentiality is defined as correct answers The unauthorized disclosure of information

In FIPS 199, a loss of Integrity is defined as correct answers The unauthorized modification or destruction of information

In FIPS 199, a loss of Availability is defined as correct answers The disruption of access to or use of information

NIST Special Publication 800-53 r4 correct answers FIPS 200 Mandated - A catalog of security controls. Defines three baselines (L, M, H). Initial version published in 2005.

None correct answers This FIPS document can be waived

Inherited correct answers An organization's information systems are a mix of Windows and UNIX systems located in a single computer room. Access to the computer room is restricted by door locks that require proximity cards and personal identification numbers (PINs). Only a small percentage of the organization's employees have access to the computer room. The computer room access restriction is an example of what type of security control relative to the hardware in the computer room?

Supplement the common controls with system-specific or hybrid controls to achieve the required protection for the system correct answers An information system is currently in the initiation phase of the SDLC and has been categorized high impact. The information system owner wants to inherit common controls provided by another organization's information system that is categorized moderate impact. How does the information system owner ensure that the common controls will provide adequate protection for the information system?

Active involvement by authorizing officials in the ongoing management of information system-related security risks. correct answers An effective security control monitoring strategy for an information system includes...

All Steps correct answers In which steps is the security plan updated (Categorize, Implement, or Monitor)

An enterprise security authorization program is considered successful when correct answers A) provides an effective means of meeting requirements B) permits efficient oversight of its activities C) provides assurance that controls are implemented at the system level

Hybrid correct answers A large organization has a documented information system policy that has been reviewed and approved by senior officials and is readily available to all organizational staff. This information security policy explicitly addresses each of the 17 control families in NIST SP 800-53, Revision 3. Some system owners also established procedures for the technical
Written for
- Institution: ISC2 CAP
- Course: ISC2 CAP

Document information
- Uploaded on: April 18, 2024
- Number of pages: 23
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers