New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CAP Exam - Topic 9 Question 7 Discussion

Actual exam question for ISC2's CAP exam
Question #: 7
Topic #: 9
[All CAP Questions]

Which of the following RMF phases is known as risk analysis?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Kasandra at May 07, 2022, 01:06 PM

Limited Time Offer

25%

Off

Get Premium CAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Chaya
4 months ago
I always get confused with these phases, but I think you're right!
upvoted 0 times
...
Tequila
4 months ago
Yup, Phase 2 for sure!
upvoted 0 times
...
Leatha
4 months ago
Wait, is it really Phase 2? I thought it was Phase 1.
upvoted 0 times
...
Glendora
4 months ago
Totally agree, Phase 2 is where the real analysis happens.
upvoted 0 times
...
Whitley
5 months ago
It's Phase 2, that's the risk analysis phase!
upvoted 0 times
...
Crissy
5 months ago
I feel like Phase 3 is more about implementation, so it has to be either Phase 1 or Phase 2 for risk analysis.
upvoted 0 times
...
Clay
5 months ago
I want to say it's Phase 2, but I might be mixing it up with the assessment phase.
upvoted 0 times
...
Talia
5 months ago
I remember practicing a question about RMF phases, and I think Phase 1 was related to categorization, not risk analysis.
upvoted 0 times
...
Judy
5 months ago
I think risk analysis is part of Phase 2, but I'm not completely sure. It could also be in Phase 1.
upvoted 0 times
...
Kristian
5 months ago
Okay, I think I've got this. The key is to maximize security, so I'm leaning towards generating a shared access signature (SAS) to control access to the storage account.
upvoted 0 times
...
Mable
5 months ago
Hmm, I'm a bit unsure about the "dynamic rules" option. I'm not sure if that's something that can be A/B tested. I'd probably go with B or D.
upvoted 0 times
...
Sonia
5 months ago
I'm a bit confused by the different options presented. They all seem to involve modifying the syslog remote-servers configuration, but I'm not sure which one is the correct command. I'll have to carefully read through each one and try to understand the differences.
upvoted 0 times
...
Wilda
5 months ago
Okay, let's see here. All test cases should be automated? I'm not sure I agree with that one. But the other points seem pretty solid. I'll have to weigh the options and make my best guess.
upvoted 0 times
...
Emerson
5 months ago
I vaguely remember that BGP has some limitations, but I'm not sure if it affects convergence time for route availability in this case.
upvoted 0 times
...
Charisse
5 months ago
I remember our discussion on board dynamics; it sounds like a classic case of board members prioritizing their own interests over the organization's.
upvoted 0 times
...
Corinne
5 months ago
I'm a bit confused about the case sensitivity of the cached comparisons. I'll need to double-check that detail.
upvoted 0 times
...
Haydee
5 months ago
Okay, let's see. A brute force attack is when you try every possible combination, right? So the answer has to be A. Easy peasy!
upvoted 0 times
...

Save Cancel