Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for acceptability, and prepares the final security accreditation package

Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for
acceptability, and prepares the final security accreditation package

Which of the following phases of NIST SP 800-37 C&A methodology examines the residual risk for
acceptability, and prepares the final security accreditation package

A.
Initiation

B.
Security Certification

C.
Continuous Monitoring

D.
Security Accreditation



Leave a Reply 1

Your email address will not be published. Required fields are marked *


Banes

Banes

If this question is referring to the RMF step it is Step -5 Authorize Information System. If it is referring to the System Development Life Cycle Phase indicated in RMF it is Implementation. Initiation is the only viable “phase”, but it is not correct.