An assessor identifies automated methods for identifying security control compliance through validating sensors
at the endpoint and at Tier 2. Which of the following practices satisfy continuous monitoring of authorized
information systems?
A.
Independent verification and validation
B.
Security test and evaluation
C.
Risk assessment
D.
Ongoing authorization