Free Access ISC.CISSP-ISSEP.v2025-06-30.q158 Practice Test (Page 29)

Question 136

Fill in the blank with the appropriate phrase. The ____________ is the risk that remains after the implementation of new or enhanced controls.

A.residual risk

Question 137

Which of the following elements of Registration task 4 defines the operating system, database management system, and software applications, and how they will be used

A.System interface

B.System firmware

C.System software

D.System hardware

Question 138

Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package

A.Security Accreditation

B.Continuous Monitoring

C.Initiation

D.Security Certification

Question 139

FITSAF stands for Federal Information Technology Security Assessment Framework. It is a methodology for assessing the security of information systems.
Which of the following FITSAF levels shows that the procedures and controls are tested and reviewed?

A.Level 1

B.Level 5

C.Level 4

D.Level 2

E.Level 3

Question 140

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident

A.Corrective controls

B.Safeguards

C.Detective controls

D.Preventive controls

Latest Upload: 201PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 296Nokia.4A0-113.v2026-05-01.q69; 253EC-COUNCIL.312-49v11.v2026-04-30.q214; 228Microsoft.MB-820.v2026-04-30.q101; 209Salesforce.MC-202.v2026-04-30.q57; 204BICSI.INSTC_V8.v2026-04-29.q53; 333NMLS.MLO.v2026-04-28.q82; 242NCARB.Project-Management.v2026-04-28.q27; 458EMC.D-AV-DY-23.v2026-04-27.q184; 1112ServiceNow.CSA.v2026-04-27.q483

Question 136

Question 137

Question 138

Question 139

Question 140

Download PDF File