nerdexam
(ISC)2

CISSP-ISSEP · Question #104

Fill in the blank with an appropriate phrase. _________________ is used to verify and accredit systems by making a standard process, set of activities, general tasks, and management structure.

The correct answer is A. DITSCAPNIACAP. DITSCAP/NIACAP is correct because both frameworks were specifically designed to certify and accredit information systems through a standardized, repeatable process - covering defined activities, task sequences, and management structures that ensure systems meet security requireme

Risk Management

Question

Fill in the blank with an appropriate phrase. _________________ is used to verify and accredit systems by making a standard process, set of activities, general tasks, and management structure.

Options

  • ADITSCAPNIACAP

How the community answered

(33 responses)
  • A
    100% (33)

Explanation

DITSCAP/NIACAP is correct because both frameworks were specifically designed to certify and accredit information systems through a standardized, repeatable process - covering defined activities, task sequences, and management structures that ensure systems meet security requirements before and during operation. DITSCAP (DoD Information Technology Security Certification and Accreditation Process) applied to Department of Defense systems, while NIACAP (National Information Assurance Certification and Accreditation Process) extended that approach to national-level systems.

Since only one option is presented, there are no distractors to evaluate - the question tests direct recall of this framework.

Memory tip: Break it down - DITSCAP = DoD IT Security Certification and Accreditation Process, and NIACAP = National Information Assurance Certification and Accreditation Process. Both share the same core idea: a standard process to certify and accredit systems, so if you see "verify, accredit, standard process, management structure," think DITSCAP/NIACAP.

Topics

#Certification and Accreditation#DITSCAP#NIACAP#Information Assurance

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSEP Practice