CISSP-ISSEP · Question #111
Which of the following DITSCAPNIACAP model phases is used to confirm that the evolving system development and integration complies with the agreements between role players documented in the first phas
The correct answer is A. Verification. Verification (Phase 2) is correct because it is the phase specifically designed to confirm that ongoing system development and integration activities comply with the System Security Authorization Agreement (SSAA) established in Phase 1. It acts as a continuous compliance check du
Question
Which of the following DITSCAPNIACAP model phases is used to confirm that the evolving system development and integration complies with the agreements between role players documented in the first phase?
Options
- AVerification
- BValidation
- CPost accreditation
- DDefinition
How the community answered
(71 responses)- A93% (66)
- B4% (3)
- C1% (1)
- D1% (1)
Explanation
Verification (Phase 2) is correct because it is the phase specifically designed to confirm that ongoing system development and integration activities comply with the System Security Authorization Agreement (SSAA) established in Phase 1. It acts as a continuous compliance check during the build process, not after.
Validation (Phase 3) is wrong because it confirms the fully integrated, completed system meets security requirements - it comes after development is done, not during it.
Post Accreditation (Phase 4) is wrong because it deals with maintaining security posture after the system has already been accredited and is operational.
Definition (Phase 1) is wrong because that is the phase where the agreements are created - it is the baseline being referenced, not the phase that checks compliance against it.
Memory tip: Think of it this way - Definition Drafts the deal, Verification Vets the work-in-progress. If the question mentions "evolving" or "during development," that signals Phase 2: Verification.
Topics
Community Discussion
No community discussion yet for this question.