CAP Exam Dumps - CAP - Certified Authorization Professional
Mark is the project manager of the BFL project for his organization. He and the project team are creating a probability and impact matrix using RAG rating. There is some confusion and disagreement among the project team as to how a certain risk is important and priority for attention should be managed. Where can Mark determine the priority of a risk given its probability and impact?
There are seven risk responses for any project. Which one of the following is a valid risk response for a negative risk event?
In 2003, NIST developed a new Certification & Accreditation (C&A) guideline known as FIPS 199.
What levels of potential impact are defined by FIPS 199?
Each correct answer represents a complete solution. Choose all that apply.
Jeff, a key stakeholder in your project, wants to know how the risk exposure for the risk events is calculated during quantitative risk analysis. He is worried about the risk exposure which is too low for the events surrounding his project requirements. How is the risk exposure calculated?
What are the subordinate tasks of the Initiate and Plan IA C&A phase of the DIACAP process?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following DoD directives is referred to as the Defense Automation Resources Management Manual?
Which of the following assessment methodologies defines a six-step technical security evaluation?