- Study guides, Class notes & Summaries

Architecture A set for related physical and logical representations (i.e., views) of a system or a solution. The architecture conveys information about the system/solution elements, interconnections, relationships, and behavior at different levels of abstractions and with different scopes. Availability Ensuring Timely and reliable access to and use of information. Confidentiality Preserving authorized restrictions on information access and disclosure including means for protectin...

E.O. 13231 Directs which actions -Protection of information systems as components of CI -Protection of emergency preparedness communications -Protection of supporting physical assets E.O. 13231 assigns these responisbilities -Director, OMB to develop and oversee the implementation of government-wide policies principles, standards and guidelines -SecDef and DCI will oversee, develop, and ensure implmentation of policies, priniciples, standards, and guidlines for the secuirty of inf...

SDLC Phases - Initiation (need for system is expressed and documented) - Development/Acquisition : system designed, purchased, and developed - Implementation/Assessment - Operation/Maintenance - Disposal CNSSP 14 Release of security information to contractors and other non government personnel CNSSP 15 AES CNSSD 500 IA training, awareness, etc INFOSEC 2-00 NIAP partnership notification CNSSP 6 TestTrackers: Unlock Your Exam Potential! | Quality Practice Materials | Boost ...

What is ISSE activity 1? Informaton Protection Needs What is ISSE activity 2? Define System Security Requirments What is ISSE activity 3? Design System Security Architecture What is ISSE activity 4? Develop Detailed Security Design What is ISSE activity 5? Implement System Security What is ISSE activity 6? Assess Information Protection Effectiveness If the Systems Engineer (SE) has not completed the 'Discover Needs' SE activity what SE tasks must the ISSE complete? Tes...

FITSAF Level 1: The first level reflects that an asset has documented a security policy. Level 2: The second level shows that the asset has documented procedures and controls to implement the policy. Level 3: The third level indicates that these procedures and controls have been implemented. Level 4: The fourth level shows that the procedures and controls are tested and reviewed. Level 5: The fifth level is the final level and shows that the asset has procedures and controls full...

Discover Information Needs Tasks 1.1 Analyze organization mission 1.2 Determine relationship and importance of information to mision 1.3 Identify leagl and regualtory requirements 1.4 Identify classes of threats 1.5 Determine impacts 1.6 Identify security services 1.7 Document the information portection needs 1.8 Document security managment roles and responsibilities 1.9 Identify design constraints 1.10 Assess information protection effectiveness 1.10.1 Provide/present doc...

You are advising a non profit organization on disaster recover plans. In case a disaster affects the main IT centers for the organization, they will need to be able to operate from an alternate location. However, budget is an issue. Which of the following is most appropriate for this type of client? Warm, Cold, Shared,Hot Site Cold Site A customer requests to connect their LAN connection to the internet. Which of the following devices do yu recommend using to meet this goal? router, ...

SSE Process - Discover Information Protection Needs - Define System Security Requirements - Design System Security Architecture - Develop Detailed Security Design - Implement System Security - Assess Information Protection Effectiveness Information Management Needs Model - model defines processes, information being processed, and the users of the information and processes - decomposes user roles, processes and information - utilizes least privilege rules - should also incl...

ISSAP EXAM QUESTIONS AND 100% CORRECT ANSWERS...