← Back to exam page

ISSEP ISSEP Information Systems Security Engineering Professional

Loading demo links...

Showing 4–6 of 15 questions

Question 4

A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. Which of the following are required to be addressed in a well designed policy Each correct answer represents a part of the solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • What is being secured

  • Who is expected to comply with the policy

  • Where is the vulnerability, threat, or risk

  • Who is expected to exploit the vulnerability
Question 5

What NIACAP certification levels are recommended by the certifier Each correct answer represents a complete solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • Basic System Review

  • Basic Security Review

  • Maximum Analysis

  • Comprehensive Analysis

  • Detailed Analysis

  • Minimum Analysis
Question 6

FIPS 199 defines the three levels of potential impact on organizations low, moderate, and high. Which of the following are the effects of loss of confidentiality, integrity, or availability in a high level potential impact

Select all that apply, then click Submit answer.

  • The loss of confidentiality, integrity, or availability might cause severe degradation in or loss of mission capability to an extent.

  • The loss of confidentiality, integrity, or availability might result in major financial losses.

  • The loss of confidentiality, integrity, or availability might result in a major damage to organizational assets.

  • The loss of confidentiality, integrity, or availability might result in severe damages like life threatening injuries or loss of life.