Secure Software Lifecycle Professional – CSSLP – Question234

Which of the following DITSCAP phases validates that the preceding work has produced an IS that operates in a specified computing environment?

A.
Phase 2
B. Phase 4
C. Phase 1
D. Phase 3

Correct Answer: D

Explanation:

Explanation: The Phase 3 of DITSCAP C&A is known as Validation. The goal of Phase 3 is to validate that the preceding work has produced an IS that operates in a specified computing environment. Answer: C is incorrect. The goal of this phase is to define the C&A level of effort, identify the main C&A roles and responsibilities, and create an agreement on the method for implementing the security requirements. Answer: A is incorrect. The goal of this phase is to obtain a fully integrated system for certification testing and accreditation. Answer: B is incorrect. This phase ensures that it will maintain an acceptable level of residual risk.