What activities are performed in the Continuous Monitoring process?

Continuous Monitoring is the fourth phase of the security certification and accreditation process. What activities are performed in the Continuous Monitoring process? Each correct answer represents a complete solution. Choose all that apply.

Continuous Monitoring is the fourth phase of the security certification and accreditation process. What activities are performed in the Continuous Monitoring process? Each correct answer represents a complete solution. Choose all that apply.

A.
Security accreditation decision

B.
Status reporting and documentation

C.
Security control monitoring and impact analyses of changes to the information system

D.
Configuration management and control

E.
Security accreditation documentation

Explanation:

Continuous Monitoring is the fourth phase of the security certification and accreditation process.

The Continuous Monitoring process consists of the following three main activities.
1. Configuration management and control
2. Security control monitoring
3. Impact analyses of changes to the information system Status reporting and documentation

The objective of these tasks is to observe and evaluate the information system security controls during the system life cycle. These tasks determine whether the changes that have occurred will negatively impact the system security.

Answer options A and E are incorrect. Security accreditation decision and security accreditation documentation are the two tasks of the security accreditation phase.



Leave a Reply 1

Your email address will not be published. Required fields are marked *