Secure Checkout


Buy your braindumps confidently with our secure SSL certification and safe payment methods.

Download Demo


Download the demo of your desired dumps free with just one click before purchase. 100% signup free demo.


Get your certification in 1st attempt or get your 100% payment back according to our refund policy.

Customer Support


Resolve your issues and queries quickly with our dedicated 24/7 live customer support team.


ISC2 CAP Dumps

We at Dumpssure certify you that our platform is one of the most authentic websites for ISC2 CAP exam questions and their correct answers. Pass your ISC2 CAP exam with flying marks, and that too with little effort. With the purchase of this pack, you will also get free demo questions dumps. We ensure your 100% success in CAP Exam with the help of our provided material.

DumpsSure offers a unique Online Test Engine where you can fully practice your CAP exam questions. This is a one-of-a-kind feature which our competitors won't provide you. Candidates can practice the way they would want to attempt questions at the real examination time.

Dumpssure also offers an exclusive 'Exam Mode' where you can attempt 50 random questions related to your CAP exam. This mode is exactly the same as of real CAP certification exam. Attempt all the questions within a limited time and test your knowledge on the spot. This mode will definitely give you an edge in real exam.

Our success rate over the past 6 years is above 96%, which is quite impressive, and we're proud of it. Our customers are able to build their career in any field they wish. Let's dive right in and make the best decision of your life right now. Choose the plan you want, download the CAP exam dumps and start your preparation for a successful professional.

Why Dumpssure is ever best for the preparation for ISC2 CAP exam?

Dumpssure is providing free ISC2 CAP question answers for your practice; to avail this facility you just need to sign up for a free account on Dumpssure. Thousands of customers from around the world are using our CAP dumps. You can get high grades by using these dumps with money back guarantee on CAP dumps PDF.

A vital device for your assistance to pass your ISC2 CAP Exam

Our production experts have been preparing material that can help you succeed in the ISC2 CAP exam in one day. They are so logical and notorious about the questions and their answers that you can get good marks in the ISC2 CAP exam. So DUMPSSURE is offering you the chance to get excellent marks.

Easy access on your mobile for the users

The basic aim of Dumpssure is to provide the most important and most accurate material for our users. You just need to remain connected to the internet to get updates, even on your mobile. After purchasing, you can download the ISC2 CAP study material in PDF format and read it easily wherever you wish to study.

ISC2 CAP Questions and Answers can get instantly

Our provided material is regularly updated step by step for new questions and answers for ISC2 Exam Dumps, so that you can easily check the behaviour of the question and their answers and you can succeed in your first attempt.

ISC2 CAP Dumps are demonstrated by diligence Experts

We are so keen to provide our users with questions which are verified by the ISC2 Professionals, who are extremely skilled and have spent many years in this field.

Money Back Guarantee

Dumpssure is so devoted to our customers that we provide the most important and latest questions to help you pass the ISC2 CAP exam. If you have purchased the complete CAP dumps PDF file and not availed the promised facilities for the ISC2 exams, you can either replace your exam or claim under the money back policy, which is very simple. For more detail, visit the Guarantee Page.

ISC2 CAP Sample Questions

Question # 1

In 2003, NIST developed a new Certification & Accreditation (C&A) guideline known as FIPS 199. What levels of potential impact are defined by FIPS 199? Each correct answer represents a complete solution. Choose all that apply.

A. Low 
B. Moderate 
C. High 
D. Medium 

Question # 2

An authentication method uses smart cards as well as usernames and passwords for authentication. Which of the following authentication methods is being referred to?

A. Anonymous 
B. Multi-factor 
C. Biometrics
D. Mutual

Question # 3

You work as a project manager for BlueWell Inc. There has been a delay in your project work that is adversely affecting the project schedule. You decided, with your stakeholders' approval, to fast track the project work to get the project done faster. When you fast track the project which of the following are likely to increase?

A. Risks
B. Human resource needs
C. Quality control concerns
D. Costs

Question # 4

Which of the following RMF phases is known as risk analysis? 

A. Phase 0
B. Phase 1
C. Phase 2
D. Phase 3

Question # 5

Which one of the following is the only output for the qualitative risk analysis process? 

A. Enterprise environmental factors  
B. Project management plan  
C. Risk register updates  

Question # 6

The Information System Security Officer (ISSO) and Information System Security Engineer (ISSE) play the role of a supporter and advisor, respectively. Which of the following statements are true about ISSO and ISSE? Each correct answer represents a complete solution. Choose all that apply.

A. An ISSE manages the security of the information system that is slated for Certification & Accreditation (C&A). 
B. An ISSO takes part in the development activities that are required to implement system changes.
C. An ISSE provides advice on the continuous monitoring of the information system.  
D. An ISSE provides advice on the impacts of system changes.  
E. An ISSO manages the security of the information system that is slated for Certification & Accreditation (C&A). 

Question # 7

Harry is a project manager of a software development project. In the early stages of planning, he and the stakeholders operated with the belief that the software they were developing would work with their organization's current computer operating system. Now that the project team has started developing the software it has become apparent that the software will not work with nearly half of the organization's computer operating systems. The incorrect belief Harry had in the software compatibility is an example of what in project management?

A. Assumption
B. Issue
C. Risk
D. Constraint

Question # 8

Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?

A. Phase 3
B. Phase 2
C. Phase 4
D. Phase 1

Question # 9

Which of the following processes is described in the statement below? "It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project." 

A. Perform Quantitative Risk Analysis
B. Monitor and Control Risks
C. Perform Qualitative Risk Analysis
D. Identify Risks

Question # 10

There are seven risk responses for any project. Which one of the following is a valid risk response for a negative risk event?

A. Enhance  
B. Exploit  
C. Acceptance  
D. Share  

Question # 11

In which type of access control do user ID and password system come under? 

A. Administrative
B. Technical
C. Physical
D. Power

Question # 12

Eric is the project manager of the NQQ Project and has hired the ZAS Corporation to complete part of the project work for Eric's organization. Due to a change request the ZAS Corporation is no longer needed on the project even though they have completed nearly all of the project work. Is Eric's organization liable to pay the ZAS Corporation for the work they have completed so far on the project?

A. No, the ZAS Corporation did not complete all of the work.
B. Yes, the ZAS Corporation did not choose to terminate the contract work.
C. It depends on what the outcome of a lawsuit will determine.
D. It depends on what the termination clause of the contract stipulates.

Question # 13

Shoulder surfing is a type of in-person attack in which the attacker gathers information about the premises of an organization. This attack is often performed by looking surreptitiously at the keyboard of an employee's computer while he is typing in his password at any access point such as a terminal/Web site. Which of the following is violated in a shoulder surfing attack?

A. Authenticity
B. Integrity
C. Availability
D. Confidentiality

Question # 14

Management wants you to create a visual diagram of what resources will be utilized in the project deliverables. What type of a chart is management asking you to create?

A. Work breakdown structure
B. Roles and responsibility matrix
C. Resource breakdown structure
D. RACI chart

Question # 15

Which of the following DoD directives is referred to as the Defense Automation Resources Management Manual?

A. DoD 5200.22-M
B. DoD 5200.1-R
C. DoD 8910.1
D. DoDD 8000.1
E. DoD 7950.1-M

Question # 16

Tom is the project manager for his organization. In his project he has recently finished the risk response planning. He tells his manager that he will now need to update the cost and schedule baselines. Why would the risk response planning cause Tom the need to update the cost and schedule baselines?

A. New or omitted work as part of a risk response can cause changes to the cost and/or schedule baseline. 
B. Risk responses protect the time and investment of the project.
C. Risk responses may take time and money to implement.
D. Baselines should not be updated, but refined through versions.

Question # 17

Which of the following guidance documents is useful in determining the impact level of a particular threat on agency systems?

A. NIST SP 800-41
B. NIST SP 800-37
C. FIPS 199
D. NIST SP 800-14

Question # 18

Which of the following documents is used to provide a standard approach to the assessment of NIST SP 800-53 security controls?

A. NIST SP 800-53A
B. NIST SP 800-66
C. NIST SP 800-41
D. NIST SP 800-37

Question # 19

Which of the following individuals is responsible for configuration management and control task?

A. Common control provider
B. Information system owner  
C. Authorizing official  
D. Chief information officer  

Question # 20

Which of the following are the types of assessment tests addressed in NIST SP 800-53A? 

A. Functional, penetration, validation
B. Validation, evaluation, penetration
C. Validation, penetration, evaluation
D. Functional, structural, penetration

Question # 21

For which of the following reporting requirements are continuous monitoring documentation reports used?


Question # 22

A ________ points to a statement in a policy or procedure that helps determine a course of action.

A. Comment  
B. Guideline  
C. Procedure  
D. Baseline  

Question # 23

Which of the following individuals makes the final accreditation decision? 


Question # 24

Which of the following individuals is responsible for the final accreditation decision? 

A. Certification Agent
B. User Representative
C. Information System Owner
D. Risk Executive

Question # 25

Which of the following relations correctly describes total risk? 

A. Total Risk = Threats x Vulnerability x Asset Value  
B. Total Risk = Viruses x Vulnerability x Asset Value  
C. Total Risk = Threats x Exploit x Asset Value  
D. Total Risk = Viruses x Exploit x Asset Value  

Question # 26

Which of the following formulas was developed by FIPS 199 for categorization of an information system?

A. SC information system = {(confidentiality, impact), (integrity, controls), (availability, risk)}
B. SC information system = {(confidentiality, risk), (integrity, impact), (availability, controls)}
C. SC information system = {(confidentiality, impact), (integrity, impact), (availability, impact)}
D. SC information system = {(confidentiality, controls), (integrity, controls), (availability, controls)}

Question # 27

Which of the following NIST documents defines impact? 

A. NIST SP 800-26
B. NIST SP 800-53A
C. NIST SP 800-53
D. NIST SP 800-30

Question # 28

Which of the following NIST publications defines impact? 

A. NIST SP 800-41
B. NIST SP 800-37
C. NIST SP 800-30
D. NIST SP 800-53
