Note! Following CAP Exam is Retired now. Please select the alternative replacement for your Exam Certification.

CAP Exam Dumps - CAP - Certified Authorization Professional

Go to page:

<< First
Prev
1
2
3
4
5
6
7
8
Next
Last >>

Question # 33

James work as an IT systems personnel in SoftTech Inc. He performs the following tasks:

Runs regular backups and routine tests of the validity of the backup data.

Performs data restoration from the backups whenever required.

Maintains the retained records in accordance with the established information classification policy.

What is the role played by James in the organization?

Manager

User

Owner

Custodian

Full Access

Question # 34

Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?

Discretionary Access Control

Mandatory Access Control

Policy Access Control

Role-Based Access Control

Full Access

Question # 35

You work as a project manager for BlueWell Inc. You are preparing to plan risk responses for your project with your team. How many risk response types are available for a negative risk event in the project?

Seven

Three

Four

One

Full Access

Question # 36

Sammy is the project manager for her organization. She would like to rate each risk based on its probability and affect on time, cost, and scope. Harry, a project team member, has never done this before and thinks Sammy is wrong to attempt this approach. Harry says that an accumulative risk score should be created, not three separate risk scores. Who is correct in this scenario?

Harry is correct, because the risk probability and impact considers all objectives of the proj ect.

Harry is correct, the risk probability and impact matrix is the only approach to risk assessm ent.

Sammy is correct, because sheis the project manager.

Sammy is correct, because organizations can create risk scores for each objective of the pr oject.

Full Access

Question # 37

David is the project manager of HGF project for his company. David, the project team, and several key stakeholders have completed risk identification and are ready to move into qualitative risk analysis. Tracy, a project team member, does not understand why they need to complete qualitative risk analysis. Which one of the following is the best explanation for completing qualitative risk analysis?

It isa rapid and cost-effective means of establishing priorities for the plan risk responses and lays the foundation for quantitative analysis.

It is a cost-effective means of establishing probability and impact for the project risks.

Qualitative risk analysis helps segment the project risks, create a risk breakdown structure, and create fast and accurate risk responses.

All risks must pass through quantitative risk analysis before qualitative risk analysis.

Full Access

Question # 38

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

Safeguards

Preventive controls

Detective controls

Corrective controls

Full Access

Question # 39

Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?

FITSAF

TCSEC

FIPS

SSAA

Full Access

Question # 40

Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?

FITSAF

TCSEC

FIPS

SSAA

Full Access

Go to page: