CMMC-CCP試験無料問題集（172題）「Cyber AB Certified CMMC Professional (CCP) 認定」

出題：1

There are 15 practices that are NOT MET for an OSC's Level 2 Assessment. All practices are applicable to the OSC. Which determination should be reached?

A. The OSC may have 90 days for remediating NOT MET practices.

B. The OSC may be eligible for an option to remediate NOT MET practices.

C. The OSC is not eligible for an option to remediate after the assessment is canceled.

D. The OSC is not eligible for an option to remediate NOT MET practices.

正解：B 解答を投票する

出題：2

Where does the requirement to include a required practice of ensuring that personnel are trained to carry out their assigned information security-related duties and responsibilities FIRST appear?

A. Level 2

B. Level 1

C. All levels

D. Level 3

正解：B 解答を投票する

出題：3

Two network administrators are working together to determine a network configuration in preparation for CMMC. The administrators find that they disagree on a couple of small items. Which solution is the BEST way to ensure compliance with CMMC?

A. Consult the CMMC Assessment Guides and NIST SP 800-171.

B. Go with the network administrator's ideas with the most stringent controls.

C. Go with the network administrator's ideas with the least stringent controls.

D. Consult with the CEO of the company.

正解：A 解答を投票する

出題：4

The Advanced Level in CMMC will contain Access Control {AC) practices from:

A. Levels 1,2, and 3.

B. Levels 1 and 2.

C. Level 3.

D. Level 1.

正解：A 解答を投票する

出題：5

The practices in CMMC Level 2 consists of the security requirements specified in:

A. NISTSP 800-53.

B. 48 CFR 52.204-21.

C. DFARS 252.204-7012.

D. NISTSP 800-171.

正解：D 解答を投票する

出題：6

During Phase 4 of the Assessment process, what MUST the Lead Assessor determine and recommend to the C3PAO concerning the OSC?

A. Suitability

B. Ability

C. Eligibility

D. Capability

正解：D 解答を投票する

出題：7

Which entity specifies the required CMMC Level in Requests for Information and Requests for Proposals?

A. DoD

B. NIST

C. Department of Homeland Security

D. NARA

正解：A 解答を投票する

出題：8

An assessor has been working with an OSC's point of contact to plan and prepare for their upcoming assessment. What is one of the MOST important things to remember when analyzing requirements for an assessment?

A. Scoping an assessment is easy and worry-free.

B. There is a determined amount of time that the OSC's point of contact has to submit evidence and rough order-of-magnitude.

C. The initial plan cannot be changed once agreed upon.

D. Assessors need to continuously review and update the requirements and plan for the assessment as information is gathered.

正解：D 解答を投票する

出題：9

In the Code of Professional Conduct, what does the practice of Professionalism require?

A. Do not copy materials without permission to do so.

B. Ensure the security of all information discovered or received.

C. Do not make assertions about assessment outcomes.

D. Refrain from dishonesty in all dealings regarding CMMC.

正解：D 解答を投票する

出題：10

Which term describes the process of granting or denying specific requests to obtain and use information, related information processing services, and enter specific physical facilities?

A. Discretionary access control

B. Physical access control

C. Access control

D. Mandatory access control

正解：C 解答を投票する

CMMC-CCP試験無料問題集「Cyber AB Certified CMMC Professional (CCP) 認定」