New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSMP Exam - Topic 2 Question 67 Discussion

Actual exam question for ISC2's ISSMP exam
Question #: 67
Topic #: 2
[All ISSMP Questions]

Which of the following administrative policy controls is usually associated with government classifications of materials and the clearances of individuals to access those materials?

Show Suggested Answer Hide Answer
Suggested Answer: B

Physical Configuration Audit (PCA) is one of the practices used in Software Configuration Management for Software Configuration Auditing. The purpose of the software PCA is to ensure that the design and reference documentation is consistent with the as-built software product. PCA checks and matches the really implemented layout with the documented layout.

Answer option D is incorrect. Functional Configuration Audit or FCA is one of the practices used in Software Configuration Management for Software Configuration Auditing. FCA occurs either at delivery or at the moment of effecting the change. A Functional Configuration Audit ensures that functional and performance attributes of a configuration item are achieved.

Answer option C is incorrect. Configuration control is a procedure of the Configuration management. Configuration control is a set of processes and approval stages required to change a configuration item's attributes and to re-baseline them. It supports the change of the functional and physical attributes of software at various points in time, and performs systematic control of changes to the identified attributes.

Answer option A is incorrect. Configuration identification is the process of identifying the attributes that define every aspect of a configuration item. A configuration item is a product (hardware and/or software) that has an end-user purpose. These attributes are recorded in configuration documentation and baselined. Baselining an attribute forces formal configuration change control processes to be effected in the event that these attributes are changed.


by Carmela at Apr 21, 2023, 01:21 PM

Limited Time Offer

25%

Off

Get Premium ISSMP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Brittani
4 months ago
Wow, I had no idea it was that specific!
upvoted 0 times
...
Regenia
4 months ago
I thought "Separation of Duties" was more relevant here.
upvoted 0 times
...
Leigha
4 months ago
Agreed, "Need to Know" is key for access control.
upvoted 0 times
...
Gearldine
4 months ago
Wait, is that really the right answer? Seems off.
upvoted 0 times
...
Nenita
4 months ago
Definitely "Need to Know"! That's how it works.
upvoted 0 times
...
Josphine
5 months ago
I feel like "Acceptable Use" is more about how to use information rather than who can access it, so I’m leaning towards "Need to Know."
upvoted 0 times
...
Harley
5 months ago
This question reminds me of a practice quiz where "Due Care" was mentioned, but I don't think it applies to government classifications.
upvoted 0 times
...
Leonida
5 months ago
I'm not entirely sure, but I remember studying "Separation of Duties" in a different context. It doesn't seem to fit here, though.
upvoted 0 times
...
Beth
5 months ago
I think the answer might be "Need to Know" since it relates to who can access classified information.
upvoted 0 times
...
Octavio
5 months ago
I feel pretty confident about this one. The information is all laid out clearly, and I know how to apply the Treynor-Black model. I'll just need to make sure I plug in the right numbers and formulas.
upvoted 0 times
...
Ryan
5 months ago
Okay, I think I've got this. Certification and skill are definitely the two valid characteristics here. The question is asking about attributes needed for proper work order assignment and scheduling, so those make the most sense. I'll select those two options.
upvoted 0 times
...
Jettie
5 months ago
I think the key here is to focus on the differences between the two approaches and why the engineer might have chosen the less optimal coverage option. Transmit power considerations seem like the most likely reason.
upvoted 0 times
...
Jules
9 months ago
D) Need to Know, of course. I heard the government stores all their classified materials in a giant underground bunker guarded by laser-wielding robots. Gotta have the right clearance to get in there!
upvoted 0 times
...
Orville
9 months ago
D) Need to Know, no doubt. I bet the government has some super-secret handshakes and decoder rings to go along with those clearances.
upvoted 0 times
Paulina
8 months ago
D) Need to Know is definitely key for controlling access to sensitive information.
upvoted 0 times
...
Luisa
8 months ago
C) Acceptable Use policies help define what is and isn't allowed on the network.
upvoted 0 times
...
Lai
9 months ago
B) Due Care is crucial for ensuring that security measures are properly implemented.
upvoted 0 times
...
Chantell
9 months ago
A) Separation of Duties is important too, it helps prevent fraud and errors.
upvoted 0 times
...
...
Cyndy
10 months ago
I was tempted by A) Separation of Duties, but D) Need to Know is definitely the correct answer. Can't let just anyone access those top-secret files, you know?
upvoted 0 times
...
Howard
10 months ago
Hmm, I was debating between B) Due Care and D) Need to Know, but D) makes the most sense for this type of administrative policy control.
upvoted 0 times
Glory
8 months ago
User 3: Yeah, D) Need to Know makes the most sense for this type of administrative policy control.
upvoted 0 times
...
Lawrence
8 months ago
User 2: I agree, it's usually associated with government classifications of materials.
upvoted 0 times
...
Shawnta
9 months ago
User 1: I think D) Need to Know is the correct answer.
upvoted 0 times
...
...
Narcisa
10 months ago
D) Need to Know seems like the obvious choice here. Clearances and government classifications are all about restricting access based on that principle.
upvoted 0 times
Dianne
9 months ago
D) Need to Know is crucial for controlling access to sensitive information.
upvoted 0 times
...
Kara
9 months ago
B) Due Care is necessary to ensure that proper security measures are in place.
upvoted 0 times
...
Antione
9 months ago
A) Separation of Duties is important for preventing fraud and errors in organizations.
upvoted 0 times
...
...
Selma
10 months ago
I'm not sure, but I think D) Need to Know is the best choice for this question.
upvoted 0 times
...
Leota
11 months ago
I agree with Jean, D) Need to Know makes sense for government classifications.
upvoted 0 times
...
Jean
11 months ago
I think the answer is D) Need to Know.
upvoted 0 times
...

Save Cancel