ISC Information Systems Security Engineering Professional CISSP-ISSEP Exam Questions in PDF

Free ISC CISSP-ISSEP Dumps Questions (page: 2)

Which of the following documents contains the threats to the information management, and the security services and controls required to counter those threats?

  1. System Security Context
  2. Information Protection Policy (IPP)
  3. CONOPS
  4. IMM

Answer(s): B



Which of the following acts is used to recognize the importance of information security to the economic and national security interests of the United States?

  1. Lanham Act
  2. FISMA
  3. Computer Fraud and Abuse Act
  4. Computer Misuse Act

Answer(s): B



Which of the following memorandums directs the Departments and Agencies to post clear privacy policies on World Wide Web sites, and provides guidance for doing it?

  1. OMB M-99-18
  2. OMB M-00-13
  3. OMB M-03-19
  4. OMB M-00-07

Answer(s): A



Which of the following federal agencies coordinates, directs, and performs highly specialized activities to protect U.S. information systems and produces foreign intelligence information?

  1. National Institute of Standards and Technology (NIST)
  2. National Security Agency/Central Security Service (NSA/CSS)
  3. Committee on National Security Systems (CNSS)
  4. United States Congress

Answer(s): B



Which of the following documents were developed by NIST for conducting Certification & Accreditation (C&A)?
Each correct answer represents a complete solution. Choose all that apply.

  1. NIST Special Publication 800-59
  2. NIST Special Publication 800-60
  3. NIST Special Publication 800-37A
  4. NIST Special Publication 800-37
  5. NIST Special Publication 800-53
  6. NIST Special Publication 800-53A

Answer(s): A,B,D,E,F



FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels shows limited adverse effects on organizational operations, organizational assets, or individuals?

  1. Moderate
  2. Medium
  3. High
  4. Low

Answer(s): D



Fill in the blanks with an appropriate phrase. A ________ is an approved build of the product, and can be a single component or a combination of components.

  1. development baseline

Answer(s): A



Which of the following types of cryptography defined by FIPS 185 describes a cryptographic algorithm or a tool accepted by the National Security Agency for protecting sensitive, unclassified information in the systems as stated in Section 2315 of Title 10, United States Code?

  1. Type I cryptography
  2. Type II cryptography
  3. Type III (E) cryptography
  4. Type III cryptography

Answer(s): B



Share your comments for ISC CISSP-ISSEP exam with other users:

srameh
4/14/2026 10:09:29 AM

Question 3:

  • Correct answer: Phase 4, Post Accreditation

  • Explanation:
- In DITSCAP, the four phases are:
  - Phase 1: Definition (concept and requirements)
  - Phase 2: Verification (design and testing)
  - Phase 3: Validation (fielding and evaluation)
  - Phase 4: Post Accreditation (ongoing operations and lifecycle management)
- The description—continuing operation of an accredited IT system and addressing changing threats throughout its life cycle—fits the Post Accreditation phase, which covers operations, maintenance, monitoring, and reauthorization as threats and environment evolve.
