CAP Certified Authorization Professional


Question 4 (Volume D)

Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation?

Each correct answer represents a complete solution. Choose two.

  • Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.

  • Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.

  • Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.

  • Certification is the official management decision given by a senior agency official to authorize operation of an information system.

Question 5 (Volume C)

Information Security management is a process of defining the security controls in order to protect information assets. The first action of a management program to implement information security is to have a security program in place. What are the objectives of a security program?

Each correct answer represents a complete solution. Choose all that apply.

  • Security organization

  • System classification

  • Information classification

  • Security education

Question 6 (Volume A)

The IAM/CA makes certification accreditation recommendations to the DAA. The DAA issues accreditation determinations. Which of the following are the accreditation determinations issued by the DAA?

Each correct answer represents a complete solution. Choose all that apply.

  • IATO

  • ATO

  • IATT

  • ATT

  • DATO