Valid CAP Exam Q&A PDF CAP Dump is Ready (Updated 395 Questions) [Q108-Q124]


Exam Questions and Answers for CAP Study Guide

NEW QUESTION 108
You are the project manager of the GHY Project for your company. You have completed the risk response planning with your project team. You now need to update the WBS. Why would the project manager need to update the WBS after the risk response planning process? Choose the best answer.

  • A. Because of new work generated by the risk responses
  • B. Because of work that was omitted during the WBS creation
  • C. Because of risk responses that are now activities
  • D. Because of risks associated with work packages

Answer: A

 

NEW QUESTION 109
Which of the following is used in the practice of Information Assurance (IA) to define assurance requirements?

  • A. Parkerian Hexad
  • B. Classic information security model
  • C. Communications Management Plan
  • D. Five Pillars model

Answer: B

 

NEW QUESTION 110
What are the subordinate tasks of the Implement and Validate Assigned IA Control phase in the DIACAP process?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Conduct validation activities.
  • B. Execute and update IA implementation plan.
  • C. Combine validation results in DIACAP scorecard.
  • D. Conduct activities related to the disposition of the system data and objects.

Answer: A,B,C

Explanation:
Section: Volume C

 

NEW QUESTION 111
Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?

  • A. Discretionary access control entry (DACE)
  • B. Access control list (ACL)
  • C. Security Identifier (SID)
  • D. Access control entry (ACE)

Answer: D

 

NEW QUESTION 112
Which of the following documents is used to provide a standard approach to the assessment of NIST SP 800-53 security controls?

  • A. NIST SP 800-53A
  • B. NIST SP 800-66
  • C. NIST SP 800-41
  • D. NIST SP 800-37

Answer: A

 

NEW QUESTION 113
In which of the following DITSCAP phases is the SSAA developed?

  • A. Phase 4
  • B. Phase 1
  • C. Phase 3
  • D. Phase 2

Answer: B

Explanation:
Section: Volume D

 

NEW QUESTION 114
The only output of the Perform Qualitative Risk Analysis process is risk register updates. When the project manager updates the risk register, he will need to include several pieces of information, including all of the following except for which one?

  • A. Watchlist of low-priority risks
  • B. Risks grouped by categories
  • C. Trends in qualitative risk analysis
  • D. Risk probability-impact matrix

Answer: D

 

NEW QUESTION 115
You work as a project manager for BlueWell Inc. Your project is running late and you must respond to the risk. Which risk response can you choose that will also cause you to update the human resource management plan?

  • A. Transference
  • B. Fast tracking the project
  • C. Crashing the project
  • D. Teaming agreements

Answer: C

 

NEW QUESTION 116
The Project Risk Management knowledge area focuses on which of the following processes?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Risk Monitoring and Control
  • B. Potential Risk Monitoring
  • C. Quantitative Risk Analysis
  • D. Risk Management Planning

Answer: A,C,D

Explanation:
Section: Volume B

 

NEW QUESTION 117
A ________ points to a statement in a policy or procedure that helps determine a course of action.

  • A. Guideline
  • B. Baseline
  • C. Comment
  • D. Procedure

Answer: A

Explanation:
Section: Volume D

 

NEW QUESTION 118
A security policy is an overall general statement produced by senior management that dictates what role security plays within the organization. Which of the following are required to be addressed in a well-designed policy?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Where is the vulnerability, threat, or risk?
  • B. What is being secured?
  • C. Who is expected to comply with the policy?
  • D. Who is expected to exploit the vulnerability?

Answer: A,B,C

 

NEW QUESTION 119
Which of the following methods of authentication uses fingerprints to identify users?

  • A. PKI
  • B. Kerberos
  • C. Biometrics
  • D. Mutual authentication

Answer: C

 

NEW QUESTION 120
NIST SP 800-53A defines three types of interview depending on the level of assessment conducted. Which of the following NIST SP 800-53A interviews consists of informal and ad hoc interviews?

  • A. Significant
  • B. Comprehensive
  • C. Substantial
  • D. Abbreviated

Answer: D

Explanation:
Section: Volume D

 

NEW QUESTION 121
You are the project manager of the GHG project. You are preparing for the quantitative risk analysis process. You are using organizational process assets to help you complete the quantitative risk analysis process. Which one of the following is NOT a valid reason to utilize organizational process assets as a part of the quantitative risk analysis process?

  • A. You will use organizational process assets to determine costs of all risk events within the current project.
  • B. You will use organizational process assets for information from prior similar projects.
  • C. You will use organizational process assets for studies of similar projects by risk specialists.
  • D. You will use organizational process assets for risk databases that may be available from industry sources.

Answer: A

 

NEW QUESTION 122
Neil works as a project manager for SoftTech Inc. He is working with Tom, the COO of his company, on several risks within the project. Tom understands that through qualitative analysis Neil has identified many risks in the project. Tom's concern, however, is that the priority list of these risk events is sorted in "high-risk," "moderate-risk," and "low-risk" as conditions apply within the project. Tom wants to know whether there is any other objective on which Neil can make the priority list for project risks. What will be Neil's reply to Tom?

  • A. Risks may be listed by categories
  • B. Risks may be listed by the additional analysis and response
  • C. Risks may be listed by priority separately for schedule, cost, and performance
  • D. Risks may be listed by the responses in the near-term

Answer: C

Explanation:
Section: Volume A

 

NEW QUESTION 123
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?

  • A. Discretionary Access Control
  • B. Policy Access Control
  • C. Mandatory Access Control
  • D. Role-Based Access Control

Answer: D

 

NEW QUESTION 124
......
