The SecOps Group CAP Exam Practice Test Instant Access

Question 1

Which of the following statements about Discretionary Access Control List (DACL) is true?

AIt is a rule list containing access control entries.

BIt specifies whether an audit activity should be performed when an object attempts to access a resource.

CIt is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.

DIt is a unique number that identifies a user, group, and computer account

Answer : C

Question 2

During qualitative risk analysis you want to define the risk urgency assessment. All of the following are indicators of risk priority except for which one?

ASymptoms

BCost of the project

CWarning signs

DRisk rating

Answer : B

Question 3

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

AAnonymous

BMulti-factor

CBiometrics

DMutual

Answer : B

Question 4

Which of the following guidance documents is useful in determining the impact level of a particular threat on agency systems?

ANIST SP 800-41

BNIST SP 800-37

CFIPS 199

DNIST SP 800-14

Answer : C

Question 5

Which of the following documents is used to provide a standard approach to the assessment of NIST SP 800-53 security controls?

ANIST SP 800-53A

BNIST SP 800-66

CNIST SP 800-41

DNIST SP 800-37

Answer : A

Question 6

Which of the following individuals makes the final accreditation decision?

ADAA

BISSO

CCIO

DCISO

Answer : A

Question 7

Which of the following individuals is responsible for the final accreditation decision?

ACertification Agent

BUser Representative

CInformation System Owner

DRisk Executive

Answer : C

The SecOps Group CAP Certified AppSec Practitioner Exam Practice Test