nerdexam
(ISC)2

CSSLP · Question #119

CSSLP Question #119: Real Exam Question with Answer & Explanation

The correct answer is B: NIACAP. The National Information Assurance Certification and Accreditation Process (NIACAP) provides a standard framework for the certification and accreditation of information systems.

Secure Software Deployment, Operations, Maintenance

Question

Which of the following processes provides a standard set of activities, general tasks, and a management structure to certify and accredit systems, which maintain the information assurance and the security posture of a system or site?

Options

  • A. NSA-IAM
  • B. NIACAP
  • C. ASSET
  • D. DITSCAP

Explanation

The National Information Assurance Certification and Accreditation Process (NIACAP) provides a standard framework for the certification and accreditation of information systems.

Common mistakes.

  • A. NSA-IAM (Information Assurance Methodology) is a methodology developed by the NSA but not the specific broad C&A process defined by the question, which requires a standard set of activities and management structure.
  • C. ASSET (Automated Security Self-Evaluation Tool) is a tool designed to assist with security evaluations, not a complete certification and accreditation process itself.
  • D. DITSCAP (Defense Information Technology Security Certification and Accreditation Process) was a predecessor to NIACAP and was eventually superseded by other frameworks, making NIACAP a more current and historically accurate answer for a 'standard set of activities' for C&A at its time.

Concept tested. Certification and Accreditation processes

Topics

#Certification and Accreditation (C&A) #NIACAP #Information Assurance #System Security Posture
