Free ISC2 SSCP Actual Exam Questions - Question 7 Discussion

Question No. 7
What can best be defined as the detailed examination and testing of the security features of an IT
system or product to ensure that they work correctly and effectively and do not show any logical
vulnerabilities, such as evaluation criteria?
Haris E.
2026-02-17

B. Evaluation makes sense here since it covers the actual detailed assessment and testing, not just the approval or certification afterward. It’s the phase where they find any logical flaws directly.

0
Sohail R.
2026-02-15

It’s definitely not A or D since acceptance testing is more about user requirements and accreditation is about formal permission. Between B and C, evaluation fits better because it’s the hands-on analysis and testing looking for any weak spots, including logical flaws. Certification usually comes after, as a formal stamp that the product passed the evaluation. So yeah, B seems like the best match here for the detailed testing and checking phase itself.

0
Sohail R.
2026-01-28

A/D? Acceptance testing fits the idea of checking if it meets requirements, while accreditation is more about formal approval to operate, not the actual testing or evaluation phase.

0
Mason S.
2026-01-17

Option B? What’s the difference exactly between evaluation and certification here?

0