Certified Data Privacy Solutions Engineer (CDPSE) — Question 161

Which of the following should be done FIRST when responding to a mandate to protect a critical application that was developed in-house?

Answer options

• A. Apply dynamic application security testing (DAST).
• B. Implement the maximum level of protection.
• C. Develop a proprietary encryption scheme.
• D. Perform a threat assessment.

Correct answer: D

Explanation

The correct answer is D, as performing a threat assessment is essential to identify potential vulnerabilities and risks before implementing security measures. The other options, while important, should follow after understanding the specific threats to the application.