ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CSSLP All Questions

View all questions & answers for the CSSLP exam
Go to Exam

Exam CSSLP topic 2 question 68 discussion

Actual exam question from ISC's CSSLP
Question #: 68
Topic #: 2
[All CSSLP Questions]

What are the various phases of the Software Assurance Acquisition process according to the U.S. Department of Defense (DoD) and Department of Homeland
Security (DHS) Acquisition and Outsourcing Working Group?

  • A. Implementing, contracting, auditing, monitoring
  • B. Requirements, planning, monitoring, auditing
  • C. Planning, contracting, monitoring and acceptance, follow-on
  • D. Designing, implementing, contracting, monitoring
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Software Assurance Acquisition process defines the level of confidence that software is free from vulnerabilities. It is designed into the software or accidentally inserted at anytime during its lifecycle, and the software works in a planned manner. According to the U.S. Department of Defense and Department of
Homeland Security Acquisition and Outsourcing Working Group, the Software Assurance Acquisition process contains the following phases: 1.Planning
2.Contracting 3.Monitoring and acceptance 4.Follow-on
by 74gjd_37 at Oct. 1, 2023, 7:25 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
74gjd_37
5 months, 2 weeks ago
Selected Answer: C
The correct option is C. According to the U.S. Department of Defense and Department of Homeland Security Acquisition and Outsourcing Working Group, the various phases of the Software Assurance Acquisition process are: Planning: This involves identifying software requirements, determining acquisition strategy, developing solicitation documents, and selecting vendors. Contracting: This includes negotiating contract terms and conditions that include software assurance provisions. Monitoring and Acceptance: This involves monitoring contractor performance for compliance with contractual requirements including software assurance related activities like testing for vulnerabilities. Follow-on Activities: These include ongoing maintenance of software through updates or replacement as needed to ensure continued security throughout the system's lifecycle.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago