Online Access Free ISC.CGRC.v2024-06-23.q151 Practice Test (Page 17)

CGRC Exam Question 76

What is BRM?
Response:

A.The Business Reference Model (BRM) provides an organized, hierarchical framework for describing the month to month business operations of the federal government. The BRM is the last layer of the Federal Enterprise Architecture (FEA) and provides a good viewpoint from which to analyze data, service components, and technology.

B.The Business Reference Model (BRM) provides an organized, hierarchical framework for describing the day-to-day business operations of the federal government. The BRM is the last layer of the Federal Enterprise Architecture (FEA) and provides a good viewpoint from which to analyze data, service components, and technology.

C.The Business Reference Model (BRM) provides an organized, hierarchical framework for describing the day-to-day business operations of the federal government. The BRM is the first layer of the Federal Enterprise Architecture (FEA) and provides a bad viewpoint from which to analyze data or service components or technology.

D.The Business Reference Model (BRM) provides an organized, hierarchical framework for describing the day-to-day business operations of the federal government. The BRM is the first layer of the Federal Enterprise Architecture (FEA) and provides a good viewpoint from which to analyze data, service components, and technology.

CGRC Exam Question 77

Penetration tests are sometimes called white hat attacks because in a pen test, the good guys are attempting to break in. What are the different categories of penetration testing? Each correct answer represents a complete solution. Choose all that apply.
Response:

A.Open-box

B.Full-knowledge test

C.Full-box

D.Closed-box

E.Partial-knowledge test

F.Zero-knowledge test

CGRC Exam Question 78

Which RMF role establishes risk management roles and responsibilities and provides advice and relevant information to authorizing officials concerning the risk management strategy to guide authorization decision making.
Response:

A.Risk executive

B.ISSE

C.System owner

D.Common control provider

CGRC Exam Question 79

Which of the following parts of BS 7799 covers risk analysis and management? Response:

A.Part 3

B.Part 4

C.Part 1

D.Part 2

CGRC Exam Question 80

Which NIST SP series document is concerned with continuous monitoring for federal information systems and organizations?
Response:

A.SP 800-26

B.SP 800-137

C.SP 800-144

D.SP 800-64

Other Version: 1155ISC.CGRC.v2025-02-03.q173

Latest Upload: 135Oracle.1D0-1057-25-D.v2026-06-03.q29; 268NAHQ.CPHQ.v2026-06-03.q396; 252CompTIA.220-1201.v2026-06-03.q196; 152GIAC.GCFE.v2026-06-03.q78; 145HIMSS.CPHIMS.v2026-06-03.q45; 229Google.Professional-Cloud-Architect.v2026-06-03.q165; 143HP.HPE7-A09.v2026-06-02.q48; 152ACDIS.CCDS-O.v2026-06-02.q56; 132Microsoft.AB-730.v2026-06-02.q31; 208ASQ.CSSBB.v2026-06-02.q130

CGRC Exam Question 76

CGRC Exam Question 77

CGRC Exam Question 78

CGRC Exam Question 79

CGRC Exam Question 80

Download PDF File