Exam CMMC-CCA Topic 2 Question 33 Discussion

Actual exam question for Cyber AB's CMMC-CCA exam
Question #: 33
Topic #: 2

You are a CCA conducting a CMMC Level 2 assessment for an OSC. During the assessment, you discover that the OSC has implemented a practice using a temporary workaround due to a recent system failure. The workaround meets the practice's objectives, but it is not documented in their System Security Plan (SSP).
How should you evaluate this evidence?

A. Accept the workaround as sufficient evidence and score the practice as "MET" since it meets the objectives. B. Document the lack of SSP inclusion as an evidence gap and assess the practice based on the workaround's effectiveness. C. Score the practice as "NOT MET" due to the absence of documentation in the SSP. D. Request the OSC to update the SSP to include the workaround before continuing the assessment.

Suggested Answer: B Vote an answer

Comprehensive and Detailed in Depth Explanation:
The CAP requires assessors to document discrepancies, such as undocumented workarounds, as evidence gaps and assess based on all available evidence, including effectiveness (Option B). Option A overlooks documentation requirements, Option C is premature without full assessment, and Option D involves consulting, which is prohibited.
Extract from Official Document (CAP v1.0):
* Section 2.2 - Conduct Assessment (pg. 25):"Document discrepancies between implemented practices and the SSP as evidence gaps and assess based on all available evidence." References:
CMMC Assessment Process (CAP) v1.0, Section 2.2.

by Haley at Jun 03, 2026, 08:10 PM

Limited Time Offer

15%

Off

Get Premium CMMC-CCA Questions as Interactive Self Test Engine or PDF

Comments

Here are all the actual test exam dumps for IT exams. Most people prepare for the actual exams with our test dumps to pass their exams. So it's critical to choose and actual test pdf to succeed.

RECENT DISCUSSIONS

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Disclaimer:
Actual4test doesn't offer Real SANS and GIAC Exam Questions.
Oracle and Java are registered trademarks of Oracle and/or its affiliates
Actual4test material do not contain actual actual Oracle Exam Questions or material.
Actual4test doesn't offer Real Microsoft Exam Questions.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation
Actual4test Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Actual4test does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. Actual4test does not own or claim any ownership on any of the brands.