Question 1

Which of the following security controls will you use for the deployment phase of the SDLC to build

secure software?

Each correct answer represents a complete solution. Choose all that apply.

Options :

A : Vulnerability Assessment and Penetration Testing

B : Security Certification and Accreditation (C&A)

C : Change and Configuration Control

D : Risk Adjustments

Answer: A,B,D

Question 2

Which of the following subphases are defined in the maintenance phase of the life cycle models?

Options :

A : Change control

B : Configuration control

C :

Request control

D : Release control

Answer: A,C,D

Question 3

You have created a team of HR Managers and Project Managers for Blue Well Inc. The team will

concentrate on hiring some new employees for the company and improving the organization's

overall security by turning employees among numerous job positions. Which of the following steps

will you perform to accomplish the task?

Options :

A : Job rotation

B : Job responsibility

C : Screening candidates

D : Separation of duties

Answer: A

Question 4

What component of the change management system is responsible for evaluating, testing, and

documenting changes created to the project scope?

Options :

A : Scope Verification

B :

Project Management Information System

C : Integrated Change Control

D : Configuration Management System

Answer: D

Question 5

Which of the following is a variant with regard to Configuration Management?

Options :

A :

A CI that has the same name as another CI but shares no relationship.

B :

A CI that particularly refers to a hardware specification.

C :

A CI that has the same essential functionality as another CI but a bit different in some small

manner.

D : A CI that particularly refers to a software version.

Answer: A

Higher Test Marks with Free Online ISSMP Exam Practice

Buying Options: