FITSP - Manager Questions Newest Actual Exam 2026/2027 Newest Actual Exam With Complete Expert Approved Questions And Correct Detailed Answers (Verified Answers) For Guaranteed Pass | Already Graded A+ | Brand New!!!
Which approach to lessons learned helps identify most of the lessons
learned on a project?
scheduling lessons learned regularly
anonymous method for submitting
without managers present
reminding them to be positive
----Solution----scheduling lessons learned regularly
You are using earned value analysis to track your project's progress. In
your project, earned value is higher than planned value and actual value.
That means the project is _____ schedule and _____ budget.
behind; under
ahead of; under
ahead of; over
behind; over
----Solution----ahead of; under
How does a project charter support the project manager in getting things
for the project from other people?
----Solution----documenting the work the project manager does
What does Federal Continuity Directive 2 provide?
----Solution----This provides a required template for a process-based
BIA.
What does RTO define?
----Solution----The maximum amount of time that a system resource can
remain unavailable before there is an unacceptable impact on other
system resources, supported mission/business, and the MTD.
What does RPO represent?
----Solution----The point in time, prior to an outage, to which
mission/business process data can be recovered after the outage.
What is a Cold site?
----Solution----Facilities with adequate space and infrastructure
What is a Warm site?
----Solution----Partially equipped office spaces that contain some or all
of the system h/w, s/w, telecommunications, and power source.
What does Appendix A of 800-34 provide?
----Solution----Templates that orgs may use to develop ISCP for their IS
at the appropriate FIPS 199 levels.
What is 800-61?
----Solution----Incident Response
What are steps for handling an incident?
----Solution----
Preparation
Detection and Analysis
Containment, Eradication, and Recovery
Post-Incident Activity
What does US-CERT Incident Reporting [IR 6,7] require?
----Solution----Each agency must designate a primary and secondary
POC with US-CERT, report all incidents, and internally document
corrective action and their impact [IR-7].
What are IR organizations?
----Solution----US-CERT
Information Analysis Infrastructure Protection (IAIP)
CERT Coordination Center (CERT/CC)
Information Sharing and Analysis Center (ISAC)
What is CERT/CC?
----Solution----This nongovernmental entity is interested in any
computer security incidents involving the Internet.
What is IAIP a part of and what is it interested in?
----Solution----This org is a part of DHS, and it is interested in any
threats to critical US infrastructure.
*Any incident that involves compromised PII must be reported to US-
CERT within one hour regardless of the incident category reporting time
frame. True or False?
----Solution----True
What are Federal Agency Incident Reporting Categories?
----Solution----
CAT 0 - Exercise/Network Defense Testing
CAT 1 - *Unauthorized Access
CAT 2 - *Denial of Service
CAT 3 - *Malicious Code
CAT 4 - *Inappropriate Usage
CAT 5 - Scans/Probes/Attempted Access
CAT 6 - Investigation