Free Information Systems Security Management Professional Exam ISSMP Exam Practice Test

What course of action can be taken by a party if the current negotiations fail and an agreement cannot be reached?A . ZOPAB . PONC . BiasD . BATNA

• Care should be taken, however, to ensure that deals are accurately valued, taking into account all considerations, such as relationship value, time value of money and the likelihood that the other party will live up to their side of the bargain. These other considerations are often difficult to value, since they are frequently based on uncertain or qualitative considerations, rather than easily measurable and quantifiable factors.
• Answer option A is incorrect. The zone of possible agreement (ZOPA), in sales and negotiations, describes the intellectual zone between two parties where an agreement can be met which both parties can agree to. Within this zone, an agreement is possible. Outside of the zone, no amount of negotiation will yield an agreement.
• Answer option B is incorrect. The Program on Negotiation (PON) is a research center for the study and teaching of negotiation and conflict resolution. It was established as a consortium between Harvard, MIT, and Tufts University almost 25 years ago and is located at Harvard Law School. PON sponsors events, visiting scholars and researchers, graduate research fellows and conferences. It also offers negotiation and conflict resolution educational opportunities for students and professionals, and publishes the monthly Negotiation newsletter, quarterly Negotiation Journal, and the annual Harvard Negotiation Law Review.
• Answer option C is incorrect. Bias is a term used to describe a tendency or preference towards a particular perspective, ideology or result, when the tendency interferes with the ability to be impartial, unprejudiced, or objective. In other words, bias is generally seen as a 'one-sided' perspective. The term biased refers to a person or group who is judged to exhibit bias. It is used to describe an attitude, judgment, or behavior that is influenced by a prejudice. Bias can be unconscious or conscious in awareness. Having a bias is part of a normal development.
• Labeling someone as biased in some regard implies they need a greater or more flexible perspective in that area, or that they need to
• consider more deeply the context.

Tomas is the project manager of the QWS Project and is worried that the project stakeholders will want to change the project scope frequently. His fear is based on the many open issues in the project and how the resolution of the issues may lead to additional project changes. On what document are Tomas and the stakeholders working in this scenario?A . Communications management planB . Change management planC . Issue logD . Risk management plan

Which of the following is NOT a valid maturity level of the Software Capability Maturity Model (CMM)?A . Managed levelB . Defined levelC . Fundamental levelD . Repeatable level

Which of the following statements reflect the 'Code of Ethics Canons' in the '(ISC)2 Code of Ethics'?Each correct answer represents a complete solution. Choose all that apply.A . Provide diligent and competent service to principals.B . Protect society, the commonwealth, and the infrastructure.C . Give guidance for resolving good versus good and bad versus bad dilemmas.D . Act honorably, honestly, justly, responsibly, and legally.

Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?A . SSAAB . FITSAFC . FIPSD . TCSEC

You work as a Web Administrator for Perfect World Inc. The company is planning to host an E- commerce Web site. You are required to design a security plan for it. Client computers with different operating systems will access the Web server. How will you configure the Web server so that it is secure and only authenticated users are able to access it?Each correct answer represents a part of the solution. Choose two.A . Use encrypted authentication. B . Use the SSL protocol.C . Use the EAP protocol.D . Use Basic authentication.

You are a project manager of a large construction project. Within the project you are working with several vendors to complete different phases of the construction. Your client has asked that you arrange for some of the materials a vendor is to install next week in the project to be changed. According to the change management plan what subsystem will need to manage this change request?A . CostB . ResourcesC . ContractD . Schedule

Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?A . Risk mitigation B . Risk transferC . Risk acceptanceD . Risk avoidance

Which of the following security models deal only with integrity? Each correct answer represents a complete solution. Choose two.A . Biba-WilsonB . Clark-WilsonC . Bell-LaPadulaD . Biba

Which of the following statements about the integrity concept of information security management are true?Each correct answer represents a complete solution. Choose three.A . It ensures that unauthorized modifications are not made to data by authorized personnel or processes.B . It determines the actions and behaviors of a single individual within a systemC . It ensures that modifications are not made to data by unauthorized personnel or processes.D . It ensures that internal information is consistent among all subentities and also consistent with the real-world, external situation.