GIAC Continuous Monitoring Latest Version: 6.0
ACTUAL QUESTIONS WITH ANSWERS WITH RATIONALES LATEST 2026.
1. "Continuously observing and evaluating the information system security controls during the system life cycle to determine whether changes have occurred that will negatively impact the system security" best describes which process in the certification and accreditation methodology?
a. Continuous monitoring
b. Continuous improvement
c. Continuous management
d. Continuous development
ANSWER: Continuous monitoring
2. Which one of the following activities is not a component of the continuous monitoring process?
a. Operation and maintenance
b. Security control monitoring and impact analyses
c. Status reporting and documentation
d. Configuration management and control
ANSWER: Operation and maintenance
3. Which one of the following publications provides details of the continuous monitoring process?
a. NIST SP 800-14
b. NIST SP 800-42
c. NIST SP 800-37
d. NIST SP 800-41
ANSWER: NIST SP 800-37
4. Which one of the following best describes when continuous monitoring takes place?
a. Before the initial system certification
b. After the initial system security accreditation
c. Before and after the initial system security accreditation
d. During the system design phase
ANSWER: After the initial system security accreditation
5. Which one of the following questions is not asked as part of the continuous monitoring process?
a. Could any of the changes to the information system affect the current, identified vulnerabilities in the system or introduce new vulnerabilities into the system?
b. If new vulnerabilities are introduced into an information system, would the resulting risk to agency operations, agency assets, or individuals be unacceptable?
c. What maintenance schedule should be followed during the operation/maintenance phase of the information system?
d. When will the information system need to be reaccredited in accordance with federal or agency policy?
ANSWER: What maintenance schedule should be followed during the operation/maintenance phase of the information system?
6. In configuration management and control, if necessary, updates have to be made to which of the following documents?
a. System security plan
b. System security plan and plan of action and milestones
c. Plan of action and milestones
d. System deficiency report and plan of action and milestones
ANSWER: System security plan and plan of action and milestones
7. Which one of the following documents should report progress made on the current outstanding items and address vulnerabilities in the information system discovered during the security impact analysis or security control monitoring?
a. Plan of action and milestones
b. System security plan
c. System security plan and plan of action and milestones
d. System deficiency plan
ANSWER: Plan of action and milestones
8. What process should be initiated when changes to the information system negatively impact the security of the system or when a period of time has elapsed as specified by agency or federal policy?
a. Incident response
b. Systems engineering
c. Reaccreditation
d. Reclassification of data
ANSWER: Reaccreditation
9. What course of action is recommended when it is not feasible or possible to continuously monitor the entirety of security controls in an information system?
a. Begin the reaccreditation process