Certification and Accreditation (C&A or CnA) is a process for implementing information security. It
is a systematic procedure for evaluating, describing, testing, and authorizing systems prior to or
after a system is in operation. Which of the following statements are true about Certification and
Accreditation? Each correct answer represents a complete solution. Choose two.
A. Accreditation is a comprehensive assessment of the management, operational, and technical
security controls in an information system.
B. Accreditation is the official management decision given by a senior agency official to authorize
operation of an information system.
C. Certification is a comprehensive assessment of the management, operational, and technical
security controls in an information system.
D. Certification is the official management decision given by a senior agency official to authorize
operation of an information system.