ISC2 ISSEP Exam - Topic 2 Question 56 Discussion

Actual exam question for ISC2's ISSEP exam
Question #: 56
Topic #: 2

Which of the following are the phases of the Certification and Accreditation (C&A) process?

Each correct answer represents a complete solution. Choose two.

Suggested Answer: B, C

The Certification and Accreditation (C&A) process consists of four distinct phases:

1. Initiation
2. Security Certification
3. Security Accreditation
4. Continuous Monitoring

The C&A activities can be applied to an information system at appropriate phases in the system development life cycle by selectively tailoring the various tasks and subtasks.

Answer options A and D are incorrect. Auditing and detection are not phases of the Certification and Accreditation process.


Contribute your Thoughts:

Ira
4 months ago
Continuous Monitoring is definitely one of them!
upvoted 0 times
...
Teri
4 months ago
I thought Detection was a phase, but maybe not?
upvoted 0 times
...
Vernell
4 months ago
Wait, isn't Auditing part of it too?
upvoted 0 times
...
Benton
4 months ago
Totally agree with B!
upvoted 0 times
...
Eliseo
4 months ago
I think it's B and C.
upvoted 0 times
...
Glenn
5 months ago
I remember "Initiation" for sure, but I can't recall if "Detection" is a phase or just a part of the overall process.
upvoted 0 times
...
Louis
5 months ago
I’m a bit confused; I thought "Auditing" was part of the process, but now I’m not so sure if it’s one of the main phases.
upvoted 0 times
...
Polly
5 months ago
I feel like "Continuous Monitoring" was mentioned in a practice question we did, so that might be one of the answers too.
upvoted 0 times
...
Salena
5 months ago
I think I remember that "Initiation" is definitely one of the phases, but I'm not sure about the second one.
upvoted 0 times
...
Dorathy
5 months ago
I'm a little confused by the different storage account types. I'll need to research the differences between general-purpose, blob, and file storage to determine which one would be most appropriate for boot diagnostics.
upvoted 0 times
...
Tawna
5 months ago
Hmm, I'm not entirely sure about this one. I know Azure has a lot of cloud services, but I'm not certain if video conferencing is one of them. I'll have to think this through carefully.
upvoted 0 times
...
Royce
5 months ago
I'm feeling pretty confident about this one. Based on the options provided, "Process Evaluation" seems like the most relevant choice for how senior leaders can oversee decisions around developing resilience in a program.
upvoted 0 times
...
Elly
5 months ago
Ah, a classic cryptanalysis question. I remember learning about "rubber-hose" attacks in one of my security courses. I'm confident the answer is B - it's all about physically coercing the information out of someone.
upvoted 0 times
...
