Which of the following processes describes the elements such as quantity, quality, coverage, timelines, and availability, and categorizes the different functions that the system will need to perform in order to gather the documented missionbusiness needs

1. A. Functional requirements
2. B. Operational scenarios
3. C. Human factors
4. D. Performance requirements

Correct Answer: A

Which of the following assessment methodologies defines a six-step technical security evaluation

1. A. FITSAF
2. B. OCTAVE
3. C. FIPS 102
4. D. DITSCAP

Correct Answer: C

Which of the following configuration management system processes defines which items will be configuration managed, how they are to be identified, and how they are to be documented

1. A. Configuration verification and audit
2. B. Configuration control
3. C. Configuration status accounting
4. D. Configuration identification

Correct Answer: D

FIPS 199 defines the three levels of potential impact on organizations. Which of the following potential impact levels shows limited adverse effects on organizational operations, organizational assets, or individuals

1. A. Moderate
2. B. Medium
3. C. High
4. D. Low

Correct Answer: D

Which of the following DITSCAP C&A phases takes place between the signing of the initial version of the SSAA and the formal accreditation of the system

1. A. Phase 3
2. B. Phase 2
3. C. Phase 4
4. D. Phase 1

Correct Answer: B