Agree with D.

Agree with D

D is the correct answer accorhttps://csrc.nist.gov/glossary/term/information_security_continuous_monitoring_program#:~:text=Definition(s)%3A,part%20through%20implemented%20security%20controls.ding to nist

D. Information Security Continuous Monitoring (ISCM) Information Security Continuous Monitoring (ISCM) is a comprehensive process that involves the collection of security-related data and information to assess, analyze, and continuously monitor an organization's security posture. It uses pre-established metrics and leverages information available through implemented security controls to provide ongoing visibility into the effectiveness of an organization's security measures.

information security continuous monitoring (ISCM): "A program established to collect information in accordance with pre-established metrics, utilizing information readily available in part through implemented security controls." https://csrc.nist.gov/glossary/term/information_security_continuous_monitoring_program

D. Information Security Continuous Monitoring (ISCM).

It says it word for word on nist's official site. https://csrc.nist.gov/glossary/term/information_security_continuous_monitoring_program

Vote for D

The report which contains the results of performing a risk assessment or the formal output from the process of assessing risk." https://csrc.nist.gov/glossary/term/risk_assessment_repor

Answer is C "The report which contains the results of performing a risk assessment or the formal output from the process of assessing risk." https://csrc.nist.gov/glossary/term/risk_assessment_report

C is correct, according to "available in part through implemented security controls"