CAS-002 · Question #365
CAS-002 Question #365: Real Exam Question with Answer & Explanation
The correct answer is A: Prepare initial documents for system certification and accreditation. Key security activities for the development/acquisition phase are as follows: - Conduct the risk assessment and use the results to supplement the baseline security controls - Analyze security requirements - Perform functional and security testing - Prepare initial documents for s
Question
Options
- APrepare initial documents for system certification and accreditation
- BConduct the risk assessment and use the results to supplement the baseline security controls
- CDetermination of privacy requirements
- DInitial delineation of business requirements in terms of confidentiality, integrity, and availability
Explanation
Key security activities for the development/acquisition phase are as follows: - Conduct the risk assessment and use the results to supplement the baseline security controls - Analyze security requirements - Perform functional and security testing - Prepare initial documents for system certification and accreditation - Design security architecture Answer options D and C are incorrect. Key security activities for the initiation phase are as - Initial definition of business requirements in terms of confidentiality, integrity, and availability - Determination of information categorization and identification of known special handling requirements in transmitting, storing, or creating information - Determination of privacy requirements
Community Discussion
No community discussion yet for this question.