Certified Information Systems Security Professional (CISSP) — Question 345
Which of the following is a common term for log reviews, synthetic transactions, and code reviews?
Answer options
- A. Application development
- B. Spiral development functional testing
- C. Security control testing
- D. DevOps Integrated Product Team (IPT) development
Correct answer: C
Explanation
The correct answer is C, as security control testing encompasses the evaluation of logs, synthetic transactions, and code reviews to ensure security measures are effective. The other options refer to broader development processes or specific methodologies that do not directly relate to the review of security controls.