CAP · Question #85
The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this
The correct answer is A. System development B. Certification analysis D. Assessment of the Analysis Results E. Configuring refinement of the SSAA. DITSCAP (DoD Information Technology Security Certification and Accreditation Process) Phase 2 - Verification - focuses on confirming that the system is built as agreed upon in the SSAA (System Security Authorization Agreement). Its activities include: (A) System Development - bui
Question
The Phase 2 of DITSCAP C&A is known as Verification. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. What are the process activities of this phase? Each correct answer represents a complete solution. Choose all that apply.
Options
- ASystem development
- BCertification analysis
- CRegistration
- DAssessment of the Analysis Results
- EConfiguring refinement of the SSAA
How the community answered
(20 responses)- A90% (18)
- C10% (2)
Explanation
DITSCAP (DoD Information Technology Security Certification and Accreditation Process) Phase 2 - Verification - focuses on confirming that the system is built as agreed upon in the SSAA (System Security Authorization Agreement). Its activities include: (A) System Development - building/integrating the system; (B) Certification Analysis - analyzing security controls and their effectiveness; (D) Assessment of the Analysis Results - evaluating findings from the certification analysis; and (E) Configuring refinement of the SSAA - updating the SSAA to reflect the actual system configuration. Registration (C) is an activity belonging to Phase 1 (Definition), not Phase 2.
Topics
Community Discussion
No community discussion yet for this question.