Exam CMMC-CCA Topic 3 Question 141 Discussion
Actual exam question for Cyber AB's CMMC-CCA exam
Question #: 141
Topic #: 3
Question #: 141
Topic #: 3
You are the Lead Assessor for a CMMC assessment of an OSC that has previously obtained ISO 27001 certification for its information security management system. During the initial discussions, the OSC requests that you consider their ISO 27001 certification and grant them credit toward their CMMC certification. They believe there is a significant overlap between CMMC and ISO 27001. What should your response to the OSC be?
Suggested Answer: C Vote an answer
Comprehensive and Detailed in Depth Explanation:
The CAP explicitly states that other certifications like ISO 27001 do not grant automatic CMMC credit unless DoD policy allows (Option C). Options A, B, and D suggest potential credit without basis.
Extract from Official Document (CAP v1.0):
* Section 1.1 - Purpose (pg. 7):"Alternative cybersecurity certifications do not automatically bestow any status or credit towards CMMC certification unless DoD publishes non-duplication policies." References:
CMMC Assessment Process (CAP) v1.0, Section 1.1.
The CAP explicitly states that other certifications like ISO 27001 do not grant automatic CMMC credit unless DoD policy allows (Option C). Options A, B, and D suggest potential credit without basis.
Extract from Official Document (CAP v1.0):
* Section 1.1 - Purpose (pg. 7):"Alternative cybersecurity certifications do not automatically bestow any status or credit towards CMMC certification unless DoD publishes non-duplication policies." References:
CMMC Assessment Process (CAP) v1.0, Section 1.1.
by Morgan at Oct 09, 2025, 05:08 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).