FEDVTE CAP EXAM 2025
QUESTIONS AND ANSWERS
Which of the following groups represents the most likely source of an asset loss through
the inappropriate use of computers?
A. Employees
B. Hackers
C. Visitors
D. Customers - ....ANSWER ...-A. Employees
FISMA charges which one of the following agencies with the responsibility of overseeing
the security policies and practices of all agencies of the executive branch of the Federal
government?
...©️ 2025, ALL RIGHTS RESERVED 1
,A. Office of Management and Budget (OMB)
B. National Institute of Standards and Technology (NIST)
C. National Security Agency (NSA)
D. Department of Justice - ....ANSWER ...-A. Office of Management and Budget
(OMB)
Which one of the following publications provides details of the monitoring security
control?
A. NIST SP 800 53
B. NIST SP 800 42
C. NIST SP 800 37
...©️ 2025, ALL RIGHTS RESERVED 2
,D. NIST SP 800 41 - ....ANSWER ...-C. NIST SP 800 37
Which of the following statements about Discretionary Access Control List (DACL) is
true?
A. It is a list containing user accounts, groups, and computers that are allowed (or
denied) access to the object.
B. It specifies whether an audit activity should be performed when an object attempts to
access a resource.
C. It is a unique number that identifies a user, group, and computer account.
D. It is a rule list containing access control entries. - ....ANSWER ...-A. It is a list
containing user accounts, groups, and computers that are allowed (or denied) access to
the object.
FIPS Publication 199 defines three levels of potential impact to the compromise of
confidentiality, integrity, and availability. These levels are:
...©️ 2025, ALL RIGHTS RESERVED 3
, A. Minimum, Normal, Maximum
B. Low, Moderate, High
C. Unclassified, Confidential, Secret
D. Confidential, Secret, Top Secret - ....ANSWER ...-B. Low, Moderate, High
Which of the following individuals is responsible for monitoring the information system
environment that can negatively impact the security of the system and its accreditation?
A. Chief Information Security Officer
B. Chief Information Officer
C. Chief Risk Officer
...©️ 2025, ALL RIGHTS RESERVED 4
QUESTIONS AND ANSWERS
Which of the following groups represents the most likely source of an asset loss through
the inappropriate use of computers?
A. Employees
B. Hackers
C. Visitors
D. Customers - ....ANSWER ...-A. Employees
FISMA charges which one of the following agencies with the responsibility of overseeing
the security policies and practices of all agencies of the executive branch of the Federal
government?
...©️ 2025, ALL RIGHTS RESERVED 1
,A. Office of Management and Budget (OMB)
B. National Institute of Standards and Technology (NIST)
C. National Security Agency (NSA)
D. Department of Justice - ....ANSWER ...-A. Office of Management and Budget
(OMB)
Which one of the following publications provides details of the monitoring security
control?
A. NIST SP 800 53
B. NIST SP 800 42
C. NIST SP 800 37
...©️ 2025, ALL RIGHTS RESERVED 2
,D. NIST SP 800 41 - ....ANSWER ...-C. NIST SP 800 37
Which of the following statements about Discretionary Access Control List (DACL) is
true?
A. It is a list containing user accounts, groups, and computers that are allowed (or
denied) access to the object.
B. It specifies whether an audit activity should be performed when an object attempts to
access a resource.
C. It is a unique number that identifies a user, group, and computer account.
D. It is a rule list containing access control entries. - ....ANSWER ...-A. It is a list
containing user accounts, groups, and computers that are allowed (or denied) access to
the object.
FIPS Publication 199 defines three levels of potential impact to the compromise of
confidentiality, integrity, and availability. These levels are:
...©️ 2025, ALL RIGHTS RESERVED 3
, A. Minimum, Normal, Maximum
B. Low, Moderate, High
C. Unclassified, Confidential, Secret
D. Confidential, Secret, Top Secret - ....ANSWER ...-B. Low, Moderate, High
Which of the following individuals is responsible for monitoring the information system
environment that can negatively impact the security of the system and its accreditation?
A. Chief Information Security Officer
B. Chief Information Officer
C. Chief Risk Officer
...©️ 2025, ALL RIGHTS RESERVED 4