Which of the following phases of the DITSCAP C&A process is used to define the C&A level of
effort, to identify the main C&A roles and responsibilities, and to create an agreement on the
method for implementing the security requirements?
A.
Phase 1
B.
Phase 4
C.
Phase 2
D.
Phase 3
Explanation:
The Phase 1 of the DITSCAP C&A process is known as Definition Phase. The goal
of this phase is to define the C&A level of effort, identify the main C&A roles and responsibilities,
incorrect. The Phase 4 of the DITSCAP C&A process is known as Post Accreditation.