Certified Information Systems Security Professional (CISSP) — Question 381

Which of the following does the security design process ensure within the System Development Life Cycle (SDLC)?

Answer options

• A. Proper security controls, security objectives, and security goals are properly initiated.
• B. Security objectives, security goals, and system test are properly conducted.
• C. Proper security controls, security goals, and fault mitigation are properly conducted.
• D. Security goals, proper security controls, and validation are properly initiated.

Correct answer: A

Explanation

The correct answer, A, emphasizes the initiation of security controls, objectives, and goals, which is crucial for a strong security foundation in the SDLC. The other options focus on conducting tests and validations or mitigating faults, which, while important, do not address the initiation phase that A highlights.