Question 140 - CAP discussion

Certification and Accreditation (C&A or CnA) is a process for implementing information security. It is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or after a system is in operation. Which of the following statements are true about Certification and Accreditation?

Each correct answer represents a complete solution. Choose two.

A. Certification is a comprehensive assessment of the management, operational, and technical security controls in an information system.
B. Accreditation is a comprehensive assessment of the management, operational, and technical security controls in an information system.
C. Certification is the official management decision given by a senior agency official to authorize operation of an information system.
D. Accreditation is the official management decision given by a senior agency official to authorize operation of an information system.

Suggested answer: A, D
asked 18/09/2024
Mark Theeuwes