When is security personnel involvement in the Systems Development Life Cycle (SDLC) process MOST beneficial?

When is security personnel involvement in the Systems Development Life Cycle (SDLC) process
MOST beneficial?

When is security personnel involvement in the Systems Development Life Cycle (SDLC) process
MOST beneficial?

A.
Testing phase

B.
Development phase

C.
Requirements definition phase

D.
Operations and maintenance phase

Show Hint

Leave a Reply to trens Cancel reply2

Your email address will not be published. Required fields are marked *

18 − thirteen =

trens

trens

Why is it not D?

Reply

Somebody

Somebody

This a good example where several answer may be good, but only one is the BEST (as requested in the question: “MOST beneficial”.

– D: Imagine a poorly designed and poorly implemented software with more holes than swiss-cheese, now turn to the security team and ask them to ensure it is operated and maintained following highest security standards… I would not like to be on of them :/ …

– C: Security team are involved right from the beginning, explaining what threats the application may face and what mitigation measures should be therefore adopted. The result will be a lot cleaner 🙂 !

Reply