Secure Software Lifecycle Professional – CSSLP – Question 345

Which of the following DoD directives defines DITSCAP as the standard C&A process for the Department of Defense?

A. DoD 8910.1
B. DoD 5200.22-M
C. DoD 8000.1
D. DoD 5200.40

Correct Answer: D

Explanation:

DITSCAP stands for DoD Information Technology Security Certification and Accreditation Process. DoD Directive 5200.40 (DoD Information Technology Security Certification and Accreditation Process) established DITSCAP as the standard C&A process for the Department of Defense.

The Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) is a process defined by the United States Department of Defense (DoD) for managing risk. DIACAP replaced the former process, known as DITSCAP, in 2006.

Answer B is incorrect. This DoD Directive is known as the National Industrial Security Program Operating Manual.

Answer C is incorrect. This DoD Directive is known as the Defense Information Management (IM) Program.

Answer A is incorrect. This DoD Directive is known as Management and Control of Information Requirements.