Question 1

Which of the following governance bodies provides management, operational and technical controls

to satisfy security requirements?

Options :

A : Senior Management

B : Business Unit Manager

C : Information Security Steering Committee

D : Chief Information Security Officer

Answer: A

Question 2

Which of the following is the correct order of digital investigations Standard Operating Procedure

(SOP)?

Options :

A : Initial analysis, request for service, data collection, data reporting, data analysis

B : Initial analysis, request for service, data collection, data analysis, data reporting

C : Request for service, initial analysis, data collection, data analysis, data reporting

D : Request for service, initial analysis, data collection, data reporting, data analysis

Answer: C

Question 3

Which of the following subphases are defined in the maintenance phase of the life cycle models?

Options :

A : Change control

B : Configuration control

C :

Request control

D : Release control

Answer: A,C,D

Question 4

Which of the following security controls will you use for the deployment phase of the SDLC to build

secure software?

Each correct answer represents a complete solution. Choose all that apply.

Options :

A : Vulnerability Assessment and Penetration Testing

B : Security Certification and Accreditation (C&A)

C : Change and Configuration Control

D : Risk Adjustments

Answer: A,B,D

Question 5

In which of the following contract types, the seller is reimbursed for all allowable costs for

performing the contract work and receives a fixed fee payment which is calculated as a percentage

of the initial estimated project costs?

Options :

A : Firm Fixed Price Contracts

B : Cost Plus Fixed Fee Contracts

C : Fixed Price Incentive Fee Contracts

D : Cost Plus Incentive Fee Contracts

Answer: B