QUESTION 1
Which of the following memorandums directs the Departments and Agencies to post clear privacy policies on World
Wide Web sites, and provides guidance for doing it
A. OMB M-99-18
B. OMB M-00-13
C. OMB M-03-19
D. OMB M-00-07
Correct Answer: A
m
er as
QUESTION 2
co
eH w
Which of the following processes illustrate the study of a technical nature of interest to focused audience, and consist of
interim or final reports on work made by NIST for external sponsors, including government and non-government
o.
sponsors rs e
ou urc
A. Federal Information Processing Standards (FIPS)
B. Special Publication (SP)
o
C. NISTIRs (Internal Reports)
aC s
vi y re
D. DIACAP
Correct Answer: C
ed d
ar stu
QUESTION 3
Which of the following CNSS policies describes the national policy on controlled access protection?
is
A. NSTISSP No. 101
Th
B. NSTISSP No. 200
C. NCSC No. 5
sh
D. CNSSP No. 14
Correct Answer: B
QUESTION 4
2/6
, FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels
shows limited adverse effects on organizational operations, organizational assets, or individuals
A. Moderate
B. Medium
C. High
D. Low
Correct Answer: D
QUESTION 5
Which of the following is NOT an objective of the security program
m
er as
A. Security education
co
eH w
B. Information classification
o.
C. Security organization rs e
ou urc
D. Security plan
Correct Answer: D
o
aC s
vi y re
QUESTION 6
Which of the following Security Control Assessment Tasks evaluates the operational, technical, and the management
security controls of the information system using the techniques and measures selected or developed
ed d
A. Security Control Assessment Task 3
ar stu
B. Security Control Assessment Task 1
is
C. Security Control Assessment Task 4
Th
D. Security Control Assessment Task 2
Correct Answer: A
sh
QUESTION 7
Fill in the blank with the appropriate phrase. The ____________ is the risk that remains after the implementation of new
or enhanced controls.
Correct Answer: residual risk
3/6
Which of the following memorandums directs the Departments and Agencies to post clear privacy policies on World
Wide Web sites, and provides guidance for doing it
A. OMB M-99-18
B. OMB M-00-13
C. OMB M-03-19
D. OMB M-00-07
Correct Answer: A
m
er as
QUESTION 2
co
eH w
Which of the following processes illustrate the study of a technical nature of interest to focused audience, and consist of
interim or final reports on work made by NIST for external sponsors, including government and non-government
o.
sponsors rs e
ou urc
A. Federal Information Processing Standards (FIPS)
B. Special Publication (SP)
o
C. NISTIRs (Internal Reports)
aC s
vi y re
D. DIACAP
Correct Answer: C
ed d
ar stu
QUESTION 3
Which of the following CNSS policies describes the national policy on controlled access protection?
is
A. NSTISSP No. 101
Th
B. NSTISSP No. 200
C. NCSC No. 5
sh
D. CNSSP No. 14
Correct Answer: B
QUESTION 4
2/6
, FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels
shows limited adverse effects on organizational operations, organizational assets, or individuals
A. Moderate
B. Medium
C. High
D. Low
Correct Answer: D
QUESTION 5
Which of the following is NOT an objective of the security program
m
er as
A. Security education
co
eH w
B. Information classification
o.
C. Security organization rs e
ou urc
D. Security plan
Correct Answer: D
o
aC s
vi y re
QUESTION 6
Which of the following Security Control Assessment Tasks evaluates the operational, technical, and the management
security controls of the information system using the techniques and measures selected or developed
ed d
A. Security Control Assessment Task 3
ar stu
B. Security Control Assessment Task 1
is
C. Security Control Assessment Task 4
Th
D. Security Control Assessment Task 2
Correct Answer: A
sh
QUESTION 7
Fill in the blank with the appropriate phrase. The ____________ is the risk that remains after the implementation of new
or enhanced controls.
Correct Answer: residual risk
3/6
