ISC2 Exam ISSEP Topic 4 Question 64 Discussion

Actual exam question for ISC2's Information Systems Security Engineering Professional exam

Question #: 64
Topic #: 4

[All Information Systems Security Engineering Professional Questions]

Continuous Monitoring is the fourth phase of the security certification and accreditation process. What activities are performed in the Continuous Monitoring process?

Each correct answer represents a complete solution. Choose all that apply.

AStatus reporting and documentation

BSecurity control monitoring and impact analyses of changes to the information system

CConfiguration management and control

DSecurity accreditation documentation

ESecurity accreditation decision

Show Suggested Answer

Suggested Answer: A, B, C

Continuous Monitoring is the fourth phase of the security certification and accreditation process.

The Continuous Monitoring process consists of the following three main activities:

Configuration management and control Security control monitoring and impact analyses of changes

to the information system Status reporting and documentation The objective of these tasks is to

observe and evaluate the information system security controls during the system life cycle. These

tasks determine whether the changes that have occurred will negatively impact the system security.

Answer options E and D are incorrect. Security accreditation decision and security accreditation

documentation are the two tasks of the security accreditation phase.

by Louvenia at Feb 07, 2023, 10:08 PM

Limited Time Offer

25%

Off

Get Premium ISSEP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!