100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CAP Exam (Certified Authorization Professional) Questions & Answers $8.99   Add to cart

Exam (elaborations)

CAP Exam (Certified Authorization Professional) Questions & Answers

 5 views  0 purchase
  • Course
  • CAP
  • Institution
  • CAP

CAP Exam (Certified Authorization Professional) Questions & Answers Name the set of specifications used to standardize the communication of software and security configurations - ANSWERSSCAP Assessment findings are expressed as one of which two options - ANSWERSSatisfactory/Other Which a...

[Show more]

Preview 2 out of 13  pages

  • October 22, 2024
  • 13
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CAP
  • CAP
avatar-seller
Bensuda
CAP Exam (Certified Authorization
Professional) Questions & Answers

Name the set of specifications used to standardize the communication of software and security
configurations - ANSWERSSCAP



Assessment findings are expressed as one of which two options - ANSWERSSatisfactory/Other



Which assessment objectives are specific hardware, software, or firmware safeguards/countermeasures
employed w/in an information system? - ANSWERSSpecifications



Which assessment method is the process of exercising one or more assessment objects (i.e., activities or
mechanisms) under specified conditions to compare actual with expected behavior? - ANSWERSTest



Security assessments are typically carried out during which of the following stages of the system
development lifecycle? - ANSWERSInitiation, Development/Acquisition, Implementation, Operations and
Maintenance



This standard specifies minimum security requirements for federal information and information systems
in seventeen security related areas. - ANSWERSFIPS 200



Security controls are organized by ____________ and ___________. - ANSWERSClass/Family



Which NIST Special Publication provides guidance for protecting PII. - ANSWERSSP 800-122



44 United States Code Section 3542(b)(2) defines - ANSWERSNational Security Systems



According to FIPS 199 a limited adverse effect means that the loss of confidentiality, integrity or
availability might: - ANSWERSCause degradation in mission capability to an extent and duration that the

, organization is able to perform its primary functions but the effectiveness of the functions is noticeably
reduced



The application of the security controls defined in NIST Special Publication 800-53 required by this
standard represents the current state-of-the-practice safeguards and countermeasures for information
systems.- - ANSWERSFIPS 200



How often will the security controls be reviewed by NIST and if necessary revised and extended? -
ANSWERSAfter a significant change



Which minimum security requirement, defined in FIPS 200, requires Organizations to limit physical
access to information systems, equipment and the respective operating environments to authorized
individuals? - ANSWERSPhysical and Environmental Protection



Which minimum security requirement, defined in FIPS 200, requires Organizations to ensure that
individuals occupying positions of responsibility within organizations (including third party service
providers) are trustworthy and meet established security criteria for those positions? -
ANSWERSPersonnel Security



Compliance schedules for NIST security standards and guidelines are established by what agency? -
ANSWERSOMB



Name the working Group with representatives from the Civil, Defense, and Intelligence Communities,
engaged in an ongoing effort to produce a unified information security framework for the federal
government including a consistent process for selecting and specifying safeguards and countermeasures
(i.e. security controls) for federal information systems. - ANSWERSJoint Task Force Transformation
Initiative



This document provides implementing guidance for NIST Special Publication 800-53 for national security
systems: - ANSWERSCNSS 1253



While the FIPS 199 security categorization associates the operation of the information system with the
potential adverse impact on organizational operations and assets, individuals, other organizations and
the Nation, the incorporation of refined threat and vulnerability information during the risk assessment

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Bensuda. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $8.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75323 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$8.99
  • (0)
  Add to cart