Which of the following professionals plays the role of a monitor and takes part in the
organization’s configuration management process?
The Chief Information Officer (CIO), or Information Technology (IT) director, is a job title
commonly given to the most senior executive in an enterprise. What are the responsibilities
of a Chief Information Officer? Each correct answer represents a complete solution. Choose
all that apply.
The Information System Security Officer (ISSO) and Information System Security Engineer
(ISSE) play the role of a supporter and advisor, respectively. Which of the following
statements are true about ISSO and ISSE? Each correct answer represents a complete
solution. Choose all that apply.
Which of the following professionals is responsible for starting the Certification &
Accreditation (C&A) process?
Which of the following assessment methodologies defines a six-step technical security
DIACAP applies to the acquisition, operation, and sustainment of any DoD system that
collects, stores, transmits, or processes unclassified or classified information since
December 1997. What phases are identified by DIACAP? Each correct answer represents a
complete solution. Choose all that apply.
Mark works as a Network Administrator for NetTech Inc. He wants users to access only
those resources that are required for them. Which of the following access control models
will he use?
Which of the following refers to an information security document that is used in the United
States Department of Defense (DoD) to describe and accredit networks and systems?
James work as an IT systems personnel in SoftTech Inc. He performs the following tasks:
Runs regular backups and routine tests of the validity of the backup data. Performs data
restoration from the backups whenever required. Maintains the retained records in
accordance with the established information classification policy. What is the role played by
James in the organization?
FITSAF stands for Federal Information Technology Security Assessment Framework. It is a
methodology for assessing the security of information systems. Which of the following
FITSAF levels shows that the procedures and controls have been implemented?