{"id":61,"date":"2021-01-17T05:21:59","date_gmt":"2021-01-16T17:55:27","guid":{"rendered":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/secure-software-lifecycle-professional-csslp-question053\/"},"modified":"2021-01-17T05:26:56","modified_gmt":"2021-01-17T05:26:56","slug":"secure-software-lifecycle-professional-csslp-question053","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/secure-software-lifecycle-professional-csslp-question053\/","title":{"rendered":"Secure Software Lifecycle Professional &#8211; CSSLP &#8211; Question053"},"content":{"rendered":"<div class=\"question\">Certification and Accreditation (C&amp;A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation? Each correct answer represents a complete solution. Choose two. <br \/><strong><br \/>A.<\/strong> Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system. <br \/><strong>B.<\/strong> Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system. <br \/><strong>C.<\/strong> Accreditation is the official management decision given by a senior agency official to authorize operation of an information system. 
<br \/><strong>D.<\/strong> Certification is the official management decision given by a senior agency official to authorize operation of an information system.<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>AC<\/strong><\/div>\n<p><strong>Explanation:<\/strong> <\/p>\n<div class=\"explanation\">\nCertification and Accreditation (C&#038;A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. The C&#038;A process is used extensively in the U.S. Federal Government. Some C&#038;A processes include FISMA, NIACAP, DIACAP, and DCID 6\/3. Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system, made in support of security accreditation, to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls.<\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Certification and Accreditation (C&amp;A or CnA) is a process for implementing information security. 
It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation? Each correct answer represents a complete solution. Choose two. A. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[353,56,3],"class_list":["post-61","post","type-post","status-publish","format-standard","hentry","category-secure-software-lifecycle-professional-csslp","tag-choices","tag-question-053","tag-secure-software-lifecycle-professional-csslp"],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/61","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/comments?post=61"}],"version-history":[{"count":1,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/61\/revisions"}],"predecessor-version":[{"id":412,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/posts\/61\/revisions\/412"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/media?parent=61"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/categories?post=61"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/ISC\/CSSLP\/wp-json\/wp\/v2\/tags?post=61"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}