Certified Information Systems Security Professional (CISSP) — Question 119

An organization is implementing security review as part of system development. Which of the following is the BEST technique to follow?

Answer options

Correct answer: A

Explanation

Performing incremental assessments allows for continuous evaluation and improvement of security throughout the development process, making it the best approach. Engaging a third-party auditing firm, reviewing security architecture, and conducting penetration testing are all valuable, but they are typically more effective as supplementary measures rather than the primary technique.