New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSEP Exam - Topic 4 Question 14 Discussion

Actual exam question for ISC2's ISSEP exam
Question #: 14
Topic #: 4
[All ISSEP Questions]

You work as a systems engineer for BlueWell Inc. You want to communicate the quantitative and

qualitative system characteristics to all stakeholders. Which of the following documents will you use

to achieve the above task?

Show Suggested Answer Hide Answer
Suggested Answer: B

The Concept of Operations (CONOPS) is a document describing the characteristics of a proposed

system from the viewpoint of an individual

who will use that system. It is used to communicate the quantitative and qualitative system

characteristics to all stakeholders. CONOPS are

widely used in the military or in government services, as well as other fields.

A CONOPS generally evolves from a concept and is a description of how a set of capabilities may be

employed to achieve desired objectives or

a particular end state for a specific scenario.

Answer option A is incorrect. The IMM is the source document describing the customer's needs

based on identifying users, processes, and

information.

Answer option C is incorrect. The IPP is the source document, which is most useful for the ISSE when

defining the needed security

functionality. The IPP document contains the threats to the information management and the

security services and controls required to

counter those threats.

Answer option D is incorrect. The System Security Context is the output of SE and ISSEP. It is the

translation of the requirements into system

parameters and possible measurement concepts that meet the defined requirements.


by Frederica at May 03, 2022, 10:32 PM

Limited Time Offer

25%

Off

Get Premium ISSEP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Mozell
4 months ago
I thought IMM was more for internal use, not for stakeholders.
upvoted 0 times
...
Cathrine
4 months ago
Wait, isn't System Security Context more about security?
upvoted 0 times
...
Burma
4 months ago
Not so sure about that, IPP might fit better.
upvoted 0 times
...
Stephania
4 months ago
Totally agree, it covers both aspects well!
upvoted 0 times
...
Lelia
5 months ago
I think CONOPS is the best choice for that.
upvoted 0 times
...
Celeste
5 months ago
The System Security Context seems too specific; I doubt it would cover the broader system characteristics we need to communicate.
upvoted 0 times
...
Jerry
5 months ago
I practiced a similar question, and I feel like the IPP could be relevant, but I’m not confident it addresses stakeholder communication effectively.
upvoted 0 times
...
Annelle
5 months ago
I'm not entirely sure, but I remember something about the IMM being more focused on metrics. Does it really cover qualitative characteristics too?
upvoted 0 times
...
Brigette
5 months ago
I think the CONOPS document might be the right choice since it outlines the operational concept and can convey both quantitative and qualitative aspects.
upvoted 0 times
...
Hector
5 months ago
I'm feeling pretty confident about this one. I've reviewed Oracle's documentation on this topic, so I should be able to identify the correct answers.
upvoted 0 times
...
Carey
5 months ago
Hmm, this is a tricky one. I'm not entirely sure about the quality review technique, but I think option B might be false since it's not the main purpose of the technique.
upvoted 0 times
...

Save Cancel