Which of the following documents is defined as a source document, which is most useful for the
ISSE when classifying the needed security functionality?
A.
Information Protection Policy (IPP)
B.
IMM
C.
System Security Context
D.
CONOPS
Explanation:
The Information Protection Policy (IPP) is defined as a source document, which is
most useful for the ISSE when classifying the needed security functionality. The IPP document
consists of the threats to the information management and the security services and controls
C is incorrect. The System Security Context is the output of SE and ISSEP. It is the translation of
the requirements into system parameters and possible measurement concepts that meet the
document describing the characteristics of a proposed system from the viewpoint of an individual
who will use that system. It is used to communicate the quantitative and qualitative system
characteristics to all stakeholders. CONOPS are widely used in the military or in government
services, as well as other fields. A CONOPS generally evolves from a concept and is a description
of how a set of capabilities may be employed to achieve desired objectives or a particular end
state for a specific scenario.