nerdexam
CompTIA

CAS-003 · Question #71

An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices satisfy continuous monit

The correct answer is D. Ongoing authorization. Ongoing assessment and authorization is often referred to as continuous monitoring. It is a process that determines whether the set of deployed security controls in an information system continue to be effective with regards to planned and unplanned changes that occur in the syst

Enterprise Security Operations

Question

An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the following practices satisfy continuous monitoring of authorized information systems?

Options

  • AIndependent verification and validation
  • BSecurity test and evaluation
  • CRisk assessment
  • DOngoing authorization

How the community answered

(44 responses)
  • A
    2% (1)
  • B
    5% (2)
  • D
    93% (41)

Explanation

Ongoing assessment and authorization is often referred to as continuous monitoring. It is a process that determines whether the set of deployed security controls in an information system continue to be effective with regards to planned and unplanned changes that occur in the system and its environment over time. Continuous monitoring allows organizations to evaluate the operating effectiveness of controls on or near a real-time basis. Continuous monitoring enables the enterprise to detect control failures quickly because it transpires immediately or closely after events in which the key controls are

Topics

#continuous monitoring#ongoing authorization#security controls compliance#automated assessment

Community Discussion

No community discussion yet for this question.

Full CAS-003 Practice