A test plan to validate the security controls of a new system should be developed during which
phase of the project?
A.
Testing
B.
Initiation
C.
Design
D.
Development
Explanation:
In the design phase, security checkpoints are defined and a test plan is developed. The testing
phase is too late since the system has already been developed and is in production testing. In the
initiation phase, the basic security objective of the project is acknowledged. Development is the
coding phase and is too late to consider test plans.