CSSLP · Question #205
CSSLP Question #205: Real Exam Question with Answer & Explanation
The correct answer is A: Certification and accreditation decision. Phase 3 (Validation) of DITSCAP C&A involves evaluating the integrated system, refining the System Security Authorization Agreement (SSAA), developing accreditation recommendations, and making the final certification and accreditation decision.
Question
The Phase 3 of DITSCAP C&A is known as Validation. The goal of Phase 3 is to validate that the preceding work has produced an IS that operates in a specified computing environment. What are the process activities of this phase? Each correct answer represents a complete solution. Choose all that apply.
Options
- ACertification and accreditation decision
- BContinue to review and refine the SSAA
- CPerform certification evaluation of the integrated system
- DSystem development
- EDevelop recommendation to the DAA
Explanation
Phase 3 (Validation) of DITSCAP C&A involves evaluating the integrated system, refining the System Security Authorization Agreement (SSAA), developing accreditation recommendations, and making the final certification and accreditation decision.
Common mistakes.
- D. System development is part of an earlier phase of the DITSCAP process (Phase 2 - Definition), where the system is designed and built, not a primary activity of the Validation phase.
Concept tested. DITSCAP Certification and Accreditation (C&A) phases
Topics
Community Discussion
No community discussion yet for this question.