Free CAP Exam Dumps

Question 56

Which of the following are the objectives of the security certification documentation task?
Each correct answer represents a complete solution. Choose all that apply.

A. To prepare the Plan of Action and Milestones (POAM) based on the security assessment
B. To provide the certification findings and recommendations to the information system owner
C. To assemble the final security accreditation package and then submit it to the authorizing o fficial
D. To update the system security plan based on the results of the security assessment

Correct Answer:ABCD

Question 57

Which of the following requires all general support systems and major applications to be fully certified and accredited before these systems and applications are put into production?
Each correct answer represents a part of the solution. Choose all that apply.

A. NIST
B. FIPS
C. FISMA
D. Office of Management and Budget (OMB)

Correct Answer:CD

Question 58

Which of the following individuals is responsible for monitoring the information system environment for factors that can negatively impact the security of the system and its accreditation?

A. Chief Risk Officer
B. Chief Information Security Officer
C. Information System Owner
D. Chief Information Officer

Correct Answer:C

Question 59

Which of the following NIST documents includes components for penetration testing?

A. NIST SP 800-53
B. NIST SP 800-26
C. NIST SP 800-37
D. NIST SP 800-30

Correct Answer:D

Question 60

Which of the following is used throughout the entire C&A process?

A. DAA
B. DITSCAP
C. SSAA
D. DIACAP

Correct Answer:C