nerdexam
(ISC)2

CISSP · Question #475

When conducting a security assessment of access controls , Which activity is port of the data analysis phase?

The correct answer is C. Categorize and Identify evidence gathered during the audit. During a security assessment of access controls, the data analysis phase involves examining and making sense of the evidence that has already been collected, which means categorizing and identifying that evidence.

Submitted by viktor_hu· Mar 5, 2026Security Assessment and Testing

Question

When conducting a security assessment of access controls , Which activity is port of the data analysis phase?

Options

  • ACollect logs and reports.
  • BPresent solutions to address audit exceptions.
  • CCategorize and Identify evidence gathered during the audit
  • DConduct statiscal sampling of data transactions.

How the community answered

(34 responses)
  • B
    3% (1)
  • C
    94% (32)
  • D
    3% (1)

Why each option

During a security assessment of access controls, the data analysis phase involves examining and making sense of the evidence that has already been collected, which means categorizing and identifying that evidence.

ACollect logs and reports.

Collecting logs and reports is part of the data collection phase, which precedes the data analysis phase, not part of analyzing the data already gathered.

BPresent solutions to address audit exceptions.

Presenting solutions to address audit exceptions is part of the reporting or remediation phase, which occurs after analysis is complete and findings have been documented.

CCategorize and Identify evidence gathered during the auditCorrect

The data analysis phase occurs after data collection and involves organizing, categorizing, and identifying the evidence gathered during the audit to draw meaningful conclusions. This step transforms raw audit evidence into structured findings by classifying access control violations, anomalies, or exceptions. It is distinct from collection (gathering) and reporting (presenting results).

DConduct statiscal sampling of data transactions.

Conducting statistical sampling of data transactions is a data collection technique used to gather representative evidence, not an activity performed during the analysis phase.

Concept tested: Audit phases: data collection vs. data analysis

Source: https://www.isaca.org/resources/isaca-journal/issues/2016/volume-4/it-audit-in-five-steps

Topics

#security assessment#access control audit#data analysis#audit process

Community Discussion

No community discussion yet for this question.

Full CISSP Practice