PrepAway - Latest Free Exam Questions & Answers


What is called the formal acceptance of the adequacy of a system’s overall security by the management?


A. Certification

B. Acceptance

C. Accreditation

D. Evaluation

Explanation:
Accreditation is the authorization by management to implement software or systems in a production environment. This authorization may be either provisional or full.

The following are incorrect answers:

Certification is incorrect. Certification is the process of evaluating the security stance of the software or system against a selected set of standards or policies. Certification is the technical evaluation of a product. This may precede accreditation but is not a required precursor.

Acceptance is incorrect. This term is sometimes used as the recognition that a piece of software or system has met a set of functional or service level criteria (the new payroll system has passed its acceptance test). Certification is the better term in this context.

Evaluation is incorrect. Evaluation is certainly a part of the certification process but it is not the best answer to the question.

References:
The Official Study Guide to the CBK from ISC2, pages 559-560
AIO3, pp. 314 – 317
AIOv4 Security Architecture and Design (pages 369 – 372)
AIOv5 Security Architecture and Design (pages 370 – 372)

