Secure Software Lifecycle Professional – CSSLP – Question262

Which of the following phases of DITSCAP includes the activities that are necessary for the continuing operation of an accredited IT system in its computing environment and for addressing the changing threats that a system faces throughout its life cycle?

A.
Phase 2, Verification
B. Phase 3, Validation
C. Phase 1, Definition
D. Phase 4, Post Accreditation Phase

Correct Answer: D

Explanation:

Explanation: Phase 4, Post Accreditation Phase, of the DITSCAP includes the activities that are necessary for the continuing operation of an accredited IT system in its computing environment and for addressing the changing threats that a system faces throughout its life cycle. Answer: C is incorrect. Phase 1, Definition, focuses on understanding the mission, the environment, and the architecture in order to determine the security requirements and level of effort necessary to achieve accreditation. Answer: A is incorrect. Phase 2, Verification, verifies the evolving or modified system’s compliance with the information agreed on in the System Security Authorization Agreement (SSAA). Answer: B is incorrect. Phase 3 validates the compliance of a fully integrated system with the information stated in the SSAA.