CSSLP Question #268: Real Exam Question with Answer & Explanation
The correct answer is D: Phase 4, Post Accreditation Phase. The Post Accreditation Phase (Phase 4) of DITSCAP encompasses all activities required for the continuous secure operation of an accredited IT system, including ongoing monitoring and adapting to evolving threats throughout its lifecycle.
Question
Which of the following phases of DITSCAP includes the activities that are necessary for the continuing operation of an accredited IT system in its computing environment and for addressing the changing threats that a system faces throughout its life cycle?
Options
- A. Phase 2, Verification
- B. Phase 3, Validation
- C. Phase 1, Definition
- D. Phase 4, Post Accreditation Phase
Explanation
The Post Accreditation Phase (Phase 4) of DITSCAP encompasses all activities required for the continuous secure operation of an accredited IT system, including ongoing monitoring and adapting to evolving threats throughout its lifecycle.
Common mistakes.
- A. Phase 2, Verification, focuses on reviewing the system's design and implementation to ensure compliance with security requirements, not post-accreditation operational maintenance.
- B. Phase 3, Validation, involves assessing the system's overall security posture and risk prior to the accreditation decision, which precedes the continuous operational phase.
- C. Phase 1, Definition, is concerned with defining the system's scope, boundaries, and security requirements at the initial stage of the C&A process.
Concept tested. DITSCAP phases and their scope