Exam CMMC-CCA Topic 1 Question 111 Discussion

Actual exam question for Cyber AB's CMMC-CCA exam
Question #: 111
Topic #: 1
You are a CCA conducting a CMMC Level 2 assessment for an OSC. During the assessment, you discover that the OSC has implemented a practice using a temporary workaround due to a recent system failure. The workaround meets the practice's objectives, but it is not documented in their System Security Plan (SSP).
How should you evaluate this evidence?

Suggested Answer: B Vote an answer

Comprehensive and Detailed in Depth Explanation:
The CAP requires assessors to document discrepancies, such as undocumented workarounds, as evidence gaps and assess based on all available evidence, including effectiveness (Option B). Option A overlooks documentation requirements, Option C is premature without full assessment, and Option D involves consulting, which is prohibited.
Extract from Official Document (CAP v1.0):
* Section 2.2 - Conduct Assessment (pg. 25):"Document discrepancies between implemented practices and the SSP as evidence gaps and assess based on all available evidence." References:
CMMC Assessment Process (CAP) v1.0, Section 2.2.

by Lawrence at Oct 04, 2025, 02:02 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10