CAP Online Practice Questions and Answers
Thomas is a key stakeholder in your project. Thomas has requested several changes to the project scope for the project you are managing. Upon review of the proposed changes, you have discovered that these new requirements are laden with risks and you recommend to the change control board that the changes be excluded from the project scope. The change control board agrees with you. What component of the change control system communicates the approval or denial of a proposed change request?
A. Configuration management system
B. Change log
C. Scope change control system
D. Integrated change control
Which of the following refers to an information security document that is used in the United States Department of Defense (DoD) to describe and accredit networks and systems?
A. SSAA
B. FIPS
C. FITSAF
D. TCSEC
Which of the following is an Information Assurance (IA) model that protects and defends information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation?
A. Parkerian Hexad
B. Capability Maturity Model (CMM)
C. Classic information security model
D. Five Pillars model
Your project team has identified a project risk that must be responded to. The risk has been recorded in the risk register and the project team has been discussing potential risk responses for the risk event. The event is not likely to happen for several months but the probability of the event is high. Which one of the following is a valid response to the identified risk event?
A. Corrective action
B. Technical performance measurement
C. Risk audit
D. Earned value management
Mark works as a project manager for TechSoft Inc. Mark, the project team, and the key project stakeholders have completed a round of qualitative risk analysis. He needs to update the risk register with his findings so that he can communicate the risk results to the project stakeholders - including management. Mark will need to update all of the following information except for which one?
A. Watchlist of low-priority risks
B. Prioritized list of quantified risks
C. Risks grouped by categories
D. Trends in qualitative risk analysis
Henry is the project manager of the QBG Project for his company. This project has a budget of $4,576,900 and is expected to last 18 months to complete. The CIO, a stakeholder in the project, has introduced a scope change request for additional deliverables as part of the project work. What component of the change control system would review the proposed changes' impact on the features and functions of the project's product?
A. Cost change control system
B. Scope change control system
C. Integrated change control
D. Configuration management system
In which of the following DITSCAP phases is the SSAA developed?
A. Phase 4
B. Phase 2
C. Phase 1
D. Phase 3
In which of the following elements of security does the object retain its veracity and is intentionally modified by the authorized subjects?
A. Integrity
B. Nonrepudiation
C. Availability
D. Confidentiality
Which of the following NIST documents defines impact?
A. NIST SP 800-26
B. NIST SP 800-53A
C. NIST SP 800-53
D. NIST SP 800-30
Management wants you to create a visual diagram of what resources will be utilized in the project deliverables. What type of a chart is management asking you to create?
A. Work breakdown structure
B. Roles and responsibility matrix
C. Resource breakdown structure
D. RACI chart