The purpose of this Sample Question Set is to provide you with information about the ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP) exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the CISSP-ISSEP certification test. To get familiar with real exam environment, we suggest you try our Sample ISC2 ISSEP Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP) certification exam.
These sample questions are simple and basic questions that represent likeness to the real ISC2 Information Systems Security Engineering Professional exam questions. To assess your readiness and performance with real-time scenario based questions, we suggest you prepare with our Premium ISC2 CISSP-ISSEP Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
ISC2 CISSP-ISSEP Sample Questions:
01. Which of the following federal laws are related to hacking activities?
a) 18 U.S.C. 1030
b) 18 U.S.C. 1029
c) 18 U.S.C. 2510
d) 18 U.S.C. 1028
02. In which of the following DIACAP phases is residual risk analyzed?
a) Phase 2
b) Phase 3
c) Phase 5
d) Phase 1
e) Phase 4
03. Which of the following types of CNSS issuances establishes criteria, and assigns responsibilities?
a) Advisory memoranda
04. Which of the following DITSCAP/NIACAP model phases is used to show the required evidence to support the DAA in accreditation process and conclude in an Approval To Operate (ATO)?
c) Post accreditation
05. NIST SP 800-53A defines three types of interview depending on the level of assessment conducted. Which of the following NIST SP 800-53A interviews consists of informal and ad hoc interviews?
06. Which of the following roles is also known as the accreditor?
a) Data owner
b) Chief Information Officer
c) Chief Risk Officer
d) Designated Approving Authority
07. Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense?
a) DoD 5200.22-M
b) DoD 8910.1
c) DoD 5200.40
d) DoD 8000.1
08. Which of the following is NOT an objective of the security program?
a) Security education
b) Information classification
c) Security organization
d) Security plan
09. Which of the following are the ways of sending secure e-mail messages over the Internet?
10. Which of the following principles are defined by the IATF model?
a) The degree to which the security of the system, as it is defined, designed, and implemented, meets the security needs.
b) The problem space is defined by the customer's mission or business needs
c) The systems engineer and information systems security engineer define the solution space, which is driven by the problem space.
d) Always keep the problem and solution spaces separate.
Answer: a, b, c
Answer: a, b
Answer: b, c, d
Note: For any error in ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP) certification exam sample questions, please update us by writing an email on firstname.lastname@example.org.