CAP Exam Prep: Continuous Monitoring and Security Assessment, Exams of Business Administration

A series of questions and answers related to the CAP (Certified Authorization Professional) exam, focusing on continuous monitoring within the system development life cycle. It covers key concepts such as risk assessment, security controls, and compliance with FISMA and NIST standards. The material is designed to test and reinforce understanding of information security principles and practices, particularly in the context of federal information systems. It is useful for students and professionals preparing for certification or working in cybersecurity.

Typology: Exams

2024/2025

Available from 05/23/2025

locaz-turus-1
CAP exam test 4

With the exception of the system withdrawal and decommissioning task of the Monitor step, continuous monitoring takes place at what phase of the system development life cycle?
Correct answer: Operations/Maintenance

The use of automation to support ongoing assessments facilitates all but one of the following.
- Frequency
- Verification
- Volume
- Coverage
Correct answer: Verification

The primary responsibility to update authorization package documents lies on which of the following officials?
- Assessor and System Owner
- System Owner and System Administrator
- System Owner and Common Control Provider
- Authorizing Official Designated Representative and Assessor
Correct answer: System Owner and Common Control Provider

What is NVD?
Correct answer: The U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).

Which of the following provides instructions for annual FISMA reporting and emphasizes monitoring the security state of information systems on an ongoing basis with a frequency sufficient to make ongoing, risk-based decisions?
- FISMA, 2002
- OMB Circular A-130, Appendix III, 1997
- Clinger-Cohen Act
- OMB memorandum M-11-33, FY 2011
Correct answer: OMB memorandum M-11-33, FY 2011

What is the position Senior Information Security Officer, or Chief Information Security Officer, known as at the agency level?
Correct answer: Senior Agency Information Security Officer (SA-ISO)

When carrying out ongoing risk response, the effectiveness of new, modified, enhanced, or added controls must be...
Correct answer: Reassessed

Which of the following would be the best countermeasure to implement if the root cause of a change is determined to be a failure of staff to adhere to established configuration management processes?
- All of the above
- Implement additional controls to reduce the risk of future attacks
- Remedial training
- Adjust intrusion detection and prevention system
Correct answer: Remedial training

The monitoring frequency for each security control is based on which of the following?
- None of the above
- Decisions of the SCA
- Authorization limit date
- Organizational continuous monitoring strategy
Correct answer: Organizational continuous monitoring strategy

A group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual defines which of the following?
- Enrolment list
- None of the above
- Personally identifiable information
- System of Record
Correct answer: System of Record

Ongoing authorizations and reporting can be time- and event-driven. Which official has the primary responsibility for ongoing authorizations?
Correct answer: Authorizing Official

Security control volatility and organizational risk tolerance are some of the criteria taken into consideration when establishing monitoring frequencies for metrics or assessment frequencies for security controls. True or false?
Correct answer: True

According to NIST SP 800-53A, "the extent to which controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements of the system" defines which of the following terms?
- Adequate security
- Information security
- Control effectiveness
- Assurance
Correct answer: Control effectiveness

Which emphasizes the importance of continuous monitoring by requiring agencies to conduct control assessments at a frequency appropriate to risk but no less than annually?
Correct answer: FISMA 2002

What is not a responsibility of the Risk Executive (Function) in an organization's ISCM?
- Provide input to mission/business process and information tier entities on ISCM strategy
- Oversee the organization's ISCM program
- Review status reports from the ISCM process as input to information security risk posture and risk tolerance
- Participate in the configuration management process
Correct answer: Participate in the configuration management process

Which role has the primary responsibility to conduct ongoing assessments after an initial system authorization?
Correct answer: Security Control Assessor (SCA)

Likelihood of occurrence is a weighted risk factor that is assessed based on adversary intent, adversary targeting, and one of the following. Which one?
- Nation state actors
- Vulnerability
- Threat capability
- Threats
Correct answer: Threat capability

Choose from the following options the U.S. government repository of standards-based vulnerability management data where you can easily find the NIST standards for guidance on continuous monitoring.
- NIST SP 800-
- ISCM
- NVD
- SCAP
Correct answer: NVD

In accordance with the organizational continuous monitoring strategy, the results of monitoring activities are documented and reported to:
Correct answer: The Authorizing Official and other Organizational Officials

Which NIST Special Publication provides guidance on security-focused configuration management?
- NIST SP 800-
- NIST SP 800-
- NIST SP 800-
- NIST SP 800-37
Correct answer: NIST SP 800-

During information system continuous monitoring you have to monitor changes in the machine elements of the system, such as computer elements and data stored in hardware, typically in read-only memory (ROM) or programmable read-only memory (PROM), such that the programs and data cannot be dynamically written or modified during execution of the programs. What is the name of such an element?
Correct answer: Firmware

A measure of the degree to which an organization depends on the information or information system for the success of a mission or of a business function best defines which of the following?
- Confidentiality
- Sensitivity
- Criticality
- Assurance
Correct answer: Criticality

- To maintain the system in support of risk management decisions.
- All of the above.
Correct answer: To maintain an ongoing situational awareness about the security and privacy posture of the information system and the organization

What is the first step in the process of implementing an Information Security Continuous Monitoring (ISCM)?
Correct answer: Define an ISCM strategy

Risk assessments at the organizational level leverage aggregated information from system-level risk assessment results, continuous monitoring, and any strategic risk considerations relevant to the organization. Which of the following reasons best explains why the results of risk assessments are essential to the organization?
- Risk assessment result helps the organization establish a Cyber Security Framework Profile.
- Risk assessment results help in risk mitigation.
- All of the above.
- Risk assessment results help in risk identification.
Correct answer: Risk assessment result helps the organization establish a Cyber Security Framework Profile

Which NIST publication provides guidance on the three tiers in the risk management hierarchy, including Tier 1, Tier 2, and Tier 3?
- NIST SP 800-
- NIST SP 800-
- NIST SP 800-
- NIST SP 800-39
Correct answer: NIST SP 800-

From a system authorization perspective, why are potential system software patches tested prior to deployment?
- To identify potential security impacts that may be caused by the patch.
- To comply with Public Law 107-347.
- To ensure that the system documentation is current with the changes.
- To support long-term investments.
Correct answer: To identify potential security impacts that may be caused by the patch

Common activities within organizations can cause changes to systems or the environments of operation and can have significant impact on the security posture of systems. Which of the following is not an example of a system change?
- Installing or disposing of hardware
- Moving to a new facility
- Making changes to configuration
- Installing patches outside of the established configuration change control process
Correct answer: Moving to a new facility

"Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management" is the title of what requirement?
- OMB Circular A-130, Appendix III, 1997
- Clinger-Cohen Act
- OMB memorandum M-11-33, FY 2011
- FISMA, 2002
Correct answer: OMB memorandum M-11-33, FY 2011

Based on the results of the continuous monitoring process, all excluding one of the following key documents are updated.
- Security plan
- Plan of action and milestones
- Continuous monitoring strategy
- Security and privacy assessment results
Correct answer: Continuous monitoring strategy

If requested by the authorizing official, control assessors may provide recommendations for remediation actions. Such recommendations may also be provided by an automated security management and reporting tool. True or false?
Correct answer: True

Step 7 of the risk management framework can be described as:
Correct answer: The post authorization phase of the system authorization plan

- Conducting table-top exercises
Correct answer: Conducting table-top exercises

Who is primarily responsible for the withdrawal and decommissioning of an information system?
Correct answer: Information system owner

An organizational official with statutory or operational authority for specified information and responsibility for establishing the controls for its generation, collection, processing, dissemination, and disposal is known as the:
Correct answer: Information Owner