Free Information Systems Security Engineering Professional ISSEP Exam Practice Test

The functional analysis process is used for translating system requirements into detailed function criteria. Which of the following are the elements of functional analysis process? Each correct answer represents a complete solution. Choose all that apply.

• Model possible overall system behaviors that are needed to achieve the system requirements.
• Develop concepts and alternatives that are not technology or component bound.
• Decompose functional requirements into discrete tasks or activities, the focus is still on technology not functions or components.
• Use a top-down with some bottom-up approach verification.

Which of the following phases of the ISSE model is used to determine why the system needs to be built and what information needs to be protected?

• Develop detailed security design
• Define system security requirements
• Discover information protection needs
• Define system security architecture

Which of the following federal agencies coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produces foreign intelligence information?

• National Institute of Standards and Technology (NIST)
• National Security Agency/Central Security Service (NSA/CSS)
• Committee on National Security Systems (CNSS)
• United States Congress

The National Information Assurance Certification and Accreditation Process (NIACAP) is the minimum standard process for the certification and accreditation of computer and telecommunications systems that handle U.S. national security information. Which of the following participants are required in a NIACAP security assessment?Each correct answer represents a part of the solution. Choose all that apply.

• Information Assurance Manager
• Designated Approving Authority
• Certification agent
• IS program manager
• User representative

You work as a security engineer for BlueWell Inc. According to you, which of the following statements determines the main focus of the ISSE process?

• Design information systems that will meet the certification and accreditation documentation.
• Identify the information protection needs.
• Ensure information systems are designed and developed with functional relevance.
• Instruct systems engineers on availability, integrity, and confidentiality.

There are seven risk responses for any project. Which one of the following is a valid risk response for a negative risk event?

• Acceptance
• Enhance
• Share
• Exploit

An Authorizing Official plays the role of an approver. What are the responsibilities of an Authorizing Official? Each correct answer represents a complete solution. Choose all that apply.

• Ascertaining the security posture of the organization's information system
• Reviewing security status reports and critical security documents
• Determining the requirement of reauthorization and reauthorizing information systems when required
• Establishing and implementing the organization's continuous monitoring program

Registration Task 5 identifies the system security requirements. Which of the following elements of Registration Task 5 defines the type of data processed by the system?

• Data security requirement
• Network connection rule
• Applicable instruction or directive
• Security concept of operation

Which of the following agencies is responsible for funding the development of many technologies such as computer networking, as well as NLS?DARPADTICDISADIAP

• The DIAP's main objective is to ensure that the DoD's vital information resources are secured and protected by incorporating IA activities to
• get a secure net-centric GIG operation enablement and information supremacy by applying a Defense-in-Depth methodology that integrates
• the capabilities of people, operations, and technology to establish a multi-layer, multidimensional protection.

Which of the following are the functional analysis and allocation tools? Each correct answer represents a complete solution. Choose all that apply.

• Functional flow block diagram (FFBD)
• Activity diagram
• Timeline analysis diagram
• Functional hierarchy diagram