An assessor identifies automated methods for identifying security control compliance through validating sensors at the endpoint and at Tier 2. Which of the
following practices satisfy continuous monitoring of authorized information systems?
A.
Independent verification and validation
B.
Security test and evaluation
C.
Risk assessment
D.
Ongoing authorization