New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSEP Exam - Topic 2 Question 6 Discussion

Actual exam question for ISC2's ISSEP exam
Question #: 6
Topic #: 2
[All ISSEP Questions]

Continuous Monitoring is the fourth phase of the security certification and accreditation process. What activities are performed in the Continuous Monitoring process?

Each correct answer represents a complete solution. Choose all that apply.

Show Suggested Answer Hide Answer
Suggested Answer: A, B, C

Continuous Monitoring is the fourth phase of the security certification and accreditation process.

The Continuous Monitoring process consists of the following three main activities:

Configuration management and control Security control monitoring and impact analyses of changes

to the information system Status reporting and documentation The objective of these tasks is to

observe and evaluate the information system security controls during the system life cycle. These

tasks determine whether the changes that have occurred will negatively impact the system security.

Answer options E and D are incorrect. Security accreditation decision and security accreditation

documentation are the two tasks of the security accreditation phase.


by Cathrine at May 04, 2022, 02:10 AM

Limited Time Offer

25%

Off

Get Premium ISSEP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Aliza
4 months ago
I thought Continuous Monitoring was just about checking logs, this is more involved than I expected!
upvoted 0 times
...
Kiley
4 months ago
Configuration management is definitely part of it, no doubt!
upvoted 0 times
...
Cammy
4 months ago
Wait, isn't security accreditation documentation part of a different phase?
upvoted 0 times
...
Frank
4 months ago
Totally agree, impact analyses are crucial too!
upvoted 0 times
...
Elza
5 months ago
Continuous Monitoring includes status reporting and security control monitoring.
upvoted 0 times
...
Rosio
5 months ago
I feel like security accreditation documentation might be more relevant to the initial phases rather than continuous monitoring, but I could be wrong.
upvoted 0 times
...
Miss
5 months ago
Configuration management and control sounds familiar, but I can't recall if it's specifically tied to continuous monitoring or just general security practices.
upvoted 0 times
...
Gearldine
5 months ago
I remember we practiced a question similar to this, and I think security control monitoring is crucial for continuous monitoring.
upvoted 0 times
...
Howard
5 months ago
I think status reporting and documentation is definitely part of continuous monitoring, but I'm not entirely sure about the others.
upvoted 0 times
...
Matthew
5 months ago
Hmm, I'm a bit unsure about this one. The question mentions creating a report, so I'm wondering if option C - Microsoft Graph data connect - might be the better choice since it's designed for data integration and reporting. But I'll need to double-check the capabilities of each option.
upvoted 0 times
...
Rusty
5 months ago
I remember studying about different file formats, but I'm not sure if CDFS strictly relates to Windows or if it could also apply to other systems.
upvoted 0 times
...
Ozell
5 months ago
Hmm, I'm not sure about this one. I'm a bit confused - is the concern that the integration won't be maintained by the XSOAR team? I'll have to think this through carefully.
upvoted 0 times
...

Save Cancel