In a Secure Software Development Life Cycle (Secure SDLC), which phases include security activities?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Get ready for your WGU ITEC2034 D385 Software Security and Testing Test. Study with multiple choice questions that include hints and explanations. Boost your confidence for your exam day!

Multiple Choice

In a Secure Software Development Life Cycle (Secure SDLC), which phases include security activities?

Explanation:
Security needs to be part of every stage of the development lifecycle, not just a few isolated points. In a Secure SDLC, you start by capturing security and privacy requirements, risks, and constraints so the project is built with those needs in mind. During design, you model threats and choose architectures and controls that mitigate them. In implementation, secure coding practices, reviews, and defenses are applied to produce safer code. In testing, you actively look for vulnerabilities through security testing, including static and dynamic analysis and potential intrusion attempts. When deploying, you configure systems securely, manage secrets properly, and enforce access controls. In maintenance, you continue vulnerability management, patching, and monitoring to defend against new threats over time. This end-to-end approach minimizes risk by addressing security from the outset and maintaining it through operation, which is why the option that includes all phases is the best fit.

Security needs to be part of every stage of the development lifecycle, not just a few isolated points. In a Secure SDLC, you start by capturing security and privacy requirements, risks, and constraints so the project is built with those needs in mind. During design, you model threats and choose architectures and controls that mitigate them. In implementation, secure coding practices, reviews, and defenses are applied to produce safer code. In testing, you actively look for vulnerabilities through security testing, including static and dynamic analysis and potential intrusion attempts. When deploying, you configure systems securely, manage secrets properly, and enforce access controls. In maintenance, you continue vulnerability management, patching, and monitoring to defend against new threats over time. This end-to-end approach minimizes risk by addressing security from the outset and maintaining it through operation, which is why the option that includes all phases is the best fit.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy