New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSEP Exam - Topic 4 Question 5 Discussion

Actual exam question for ISC2's ISSEP exam
Question #: 5
Topic #: 4
[All ISSEP Questions]

The Phase 4 of DITSCAP C&A is known as Post Accreditation. This phase starts after the system has been accredited in Phase 3. What are the process activities of this phase?

Each correct answer represents a complete solution. Choose all that apply.

Show Suggested Answer Hide Answer
Suggested Answer: A, C, D, E, F

The Phase 4 of DITSCAP C&A is known as Post Accreditation. This phase starts after the system has

been accredited in the Phase 3. The goal of this phase is to continue to operate and manage the

system and to ensure that it will maintain an acceptable level of residual risk. The

process activities of this phase are as follows:

System operations

Security operations

Maintenance of the SSAA

Change management

Compliance validation

Answer option B is incorrect. It is a Phase 3 activity.


by Gertude at May 08, 2022, 08:37 PM

Limited Time Offer

25%

Off

Get Premium ISSEP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Reuben
4 months ago
Really? I thought the focus would shift away from SSAA after Phase 3.
upvoted 0 times
...
Mari
4 months ago
I think maintaining the SSAA is crucial after accreditation.
upvoted 0 times
...
Tayna
4 months ago
Wait, isn't change management also part of this phase?
upvoted 0 times
...
Vi
4 months ago
Totally agree, compliance validation is key too!
upvoted 0 times
...
Cheryll
5 months ago
Post Accreditation is all about ongoing security operations.
upvoted 0 times
...
Glendora
5 months ago
I believe we discussed the importance of change management in this phase, so I might lean towards option C as well.
upvoted 0 times
...
Rosalind
5 months ago
I’m a bit confused about the difference between system operations and security operations. I hope I can remember which one applies here.
upvoted 0 times
...
Johnson
5 months ago
I remember practicing a question about the SSAA maintenance, so I feel confident that option F is correct.
upvoted 0 times
...
Tom
5 months ago
I think Phase 4 involves ongoing security operations, but I'm not entirely sure if compliance validation is also part of it.
upvoted 0 times
...
Jennifer
5 months ago
This is a good test of our knowledge of container image management. The key is to focus on the methods that allow you to copy or move images between different registries, whether that's through sync tools, storage endpoints, or other distribution mechanisms. I think I've got a handle on this.
upvoted 0 times
...
Burma
5 months ago
I'm feeling pretty confident about this one. Ensuring that program statuses are being updated seems like the best way to track the success of a program using a custom channel. Option C is my pick.
upvoted 0 times
...
Santos
5 months ago
Based on my understanding, out-of-band RAID configuration is typically supported by more advanced hardware. I'm guessing the answer is either A or C.
upvoted 0 times
...
Frederick
5 months ago
I practiced a similar question where we had to enable AD authentication for an app, and I think using Amazon Cognito might be a viable option too, but I'm a little confused about the specifics.
upvoted 0 times
...

Save Cancel