Free ISSMP Exam Braindumps

Which of the following persons is responsible for testing and verifying whether the security policy is properly implemented, and the derived security solutions are adequate or not?

1. A. Data custodian
2. B. Auditor
3. C. User
4. D. Data owner

Correct Answer: B

Which of the following steps is the initial step in developing an information security strategy?

1. A. Perform a technical vulnerabilities assessment.
2. B. Assess the current levels of security awareness.
3. C. Perform a business impact analysis.
4. D. Analyze the current business strateg

Correct Answer: D

Rachael is the project manager for a large project in her organization. A new change request has been proposed that will affect several areas of the project. One area of the project change impact is on work that a vendor has already completed. The vendor is refusing to make the changes as they've already completed the project work they were contracted to do. What can Rachael do in this instance?

1. A. Threaten to sue the vendor if they don't complete the work.
2. B. Fire the vendor for failing to complete the contractual obligation.
3. C. Withhold the vendor's payments for the work they've completed.
4. D. Refer to the contract agreement for directio

Correct Answer: D

Which of the following administrative policy controls is usually associated with government classifications of materials and the clearances of individuals to access those materials?

1. A. Separation of Duties
2. B. Due Care
3. C. Acceptable Use
4. D. Need to Know

Correct Answer: D

Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?

1. A. Direct
2. B. Circumstantial
3. C. Incontrovertible
4. D. Corroborating

Correct Answer: B