Certified Authorization Professional (CAP) — Question 8

Which of the following assessment methodologies defines a six-step technical security evaluation?

Answer options

• A. OCTAVE
• B. FITSAF
• C. DITSCAP
• D. FIPS 102

Correct answer: D

Explanation

FIPS 102 is the correct answer as it outlines a six-step methodology for conducting technical security evaluations. OCTAVE, FITSAF, and DITSCAP are other assessment frameworks but do not specifically define a six-step process as FIPS 102 does.