New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CAP Exam - Topic 8 Question 5 Discussion

Actual exam question for ISC2's CAP exam
Question #: 5
Topic #: 8
[All CAP Questions]

Which of the following is a standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Haydee at May 04, 2022, 06:45 PM

Limited Time Offer

25%

Off

Get Premium CAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Kenneth
4 months ago
FITSAF? Never heard of it being a standard.
upvoted 0 times
...
Jenelle
4 months ago
Wait, SSAA? Is that even relevant here?
upvoted 0 times
...
Irving
4 months ago
Totally agree, TCSEC is the standard!
upvoted 0 times
...
Nicolette
4 months ago
I thought it was FIPS, though.
upvoted 0 times
...
Twana
5 months ago
It's definitely TCSEC.
upvoted 0 times
...
Verda
5 months ago
FITSAF seems less likely, but I can't remember what it specifically covers. I wish I had reviewed those standards more thoroughly!
upvoted 0 times
...
Scarlet
5 months ago
SSAA sounds familiar, but I can't recall if it specifically sets requirements for assessing controls. I might be mixing it up with something else.
upvoted 0 times
...
Jesus
5 months ago
I remember FIPS being mentioned in class, but I thought it was more about standards for federal information systems rather than assessing effectiveness.
upvoted 0 times
...
Jose
5 months ago
I think TCSEC might be the right answer since it deals with evaluating security controls, but I'm not completely sure.
upvoted 0 times
...
Tequila
5 months ago
I'm a little confused by this question. Idempotence? I'm not sure I fully understand what that means in this context. I'll have to think it through carefully and try to eliminate the answers that don't seem to fit the description.
upvoted 0 times
...
Val
5 months ago
The key here is that the amount of change is determined by the particular behavior being changed and its current incidence, so I'll go with option D.
upvoted 0 times
...
Cammy
5 months ago
I think I can handle this one. The key is to focus on the scope of the ABC Compile - is it at the inventory organization level, the individual subinventory level, or a combination of the two?
upvoted 0 times
...
Youlanda
5 months ago
I'm pretty confident that the answer is B, cost plus incentive fee. The incentive fee structure can lead the contractor to prioritize their own interests over the buyer's, making it the riskiest option.
upvoted 0 times
...

Save Cancel