Certificate of Cloud Auditing Knowledge (CCAK) — Question 112

DevSecOps aims to integrate security tools and processes directly into the software development life cycle and should be done:

Answer options

• A. in all development steps.
• B. at the beginning of the development cycle.
• C. at the end of the development cycle.
• D. after go-live.

Correct answer: A

Explanation

The correct answer is A because integrating security throughout all development steps ensures that security measures are continuously applied and monitored. Options B and C suggest limiting security to specific phases, which could leave vulnerabilities. Option D proposes addressing security only after deployment, which is too late to prevent potential risks.