CISSP – Information Systems Security Management Professional (ISSMP) — Question 49

In which of the following SDLC phases is the system's security features configured and enabled, the system is tested and installed or fielded, and the system is authorized for processing?

Answer options

• A. Initiation Phase
• B. Development/Acquisition Phase
• C. Implementation Phase
• D. Operation/Maintenance Phase

Correct answer: C

Explanation

The correct answer is C, Implementation Phase, as this is when security features are configured, the system undergoes testing, and is finally deployed for use. The other options represent different stages in the SDLC where security is not the primary focus or where the system is not yet ready for processing.