nerdexam
(ISC)2

CAP · Question #237

Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?

The correct answer is A. Phase 3. DITSCAP (DoD Information Technology Security Certification and Accreditation Process) has four phases: Phase 1 (Definition) - establishes the C&A requirements and security needs; Phase 2 (Verification) - verifies the evolving system design against the System Security Authorizatio

Assessment/Audit of Security and Privacy Controls

Question

Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?

Options

  • APhase 3
  • BPhase 2
  • CPhase 4
  • DPhase 1

How the community answered

(17 responses)
  • A
    94% (16)
  • B
    6% (1)

Explanation

DITSCAP (DoD Information Technology Security Certification and Accreditation Process) has four phases: Phase 1 (Definition) - establishes the C&A requirements and security needs; Phase 2 (Verification) - verifies the evolving system design against the System Security Authorization Agreement (SSAA); Phase 3 (Validation) - validates that the completed information system actually operates correctly and securely within its specified computing environment, confirming that all prior work has produced a compliant system; Phase 4 (Post Accreditation) - ongoing operations, maintenance, and change management after the system is accredited. Phase 3 is specifically the validation phase.

Topics

#DITSCAP Phases#System Validation#Certification & Accreditation#Security Assessment

Community Discussion

No community discussion yet for this question.

Full CAP Practice