CAP · Question #363
Which of the following are the objectives of the security certification documentation task? Each correct answer represents a complete solution. Choose all that apply.
The correct answer is A. To prepare the Plan of Action and Milestones (POAM) based on the security assessment B. To provide the certification findings and recommendations to the information system owner C. To assemble the final security accreditation package and then submit it to the authorizing o D. To update the system security plan based on the results of the security assessment. The security certification documentation task encompasses all four objectives. (A) Preparing the Plan of Action and Milestones (POAM) based on security assessment results documents how identified weaknesses will be remediated. (B) Providing findings and recommendations to the inf
Question
Which of the following are the objectives of the security certification documentation task? Each correct answer represents a complete solution. Choose all that apply.
Options
- ATo prepare the Plan of Action and Milestones (POAM) based on the security assessment
- BTo provide the certification findings and recommendations to the information system owner
- CTo assemble the final security accreditation package and then submit it to the authorizing o
- DTo update the system security plan based on the results of the security assessment
How the community answered
(32 responses)- A100% (32)
Explanation
The security certification documentation task encompasses all four objectives. (A) Preparing the Plan of Action and Milestones (POAM) based on security assessment results documents how identified weaknesses will be remediated. (B) Providing findings and recommendations to the information system owner ensures the owner is informed to make accreditation decisions. (C) Assembling and submitting the final security accreditation package to the authorizing official is the culminating deliverable. (D) Updating the system security plan based on assessment results ensures the SSP reflects the current security posture. All four are integral to the certification documentation phase.
Topics
Community Discussion
No community discussion yet for this question.