In which phase of the System Development Lifecycle (SDLC) is Security Accreditation Obtained?

A.
Functional Requirements Phase

B.
Testing and evaluation control

C.
Acceptance Phase

D.
Postinstallation Phase

Explanation:
Within the SDLC framework Security Accreditation is obtained during the Implementation Phase, more
specifically during Testing and evaluation control.
Incorrect Answers:
A: Security Accreditation is not used during the Functional Requirements Phase. It is used later during the
Implementation phase.
C: Security Accreditation is not used during the Acceptance Phase. It is used earlier during the Implementation
phase.
D: Security Accreditation is not used during the Postinstallation Phase. It is used earlier during the
Implementation phase.

Conrad, Eric, Seth Misenar and Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012,
p. 1088