Certified Information Systems Security Professional (CISSP) — Question 430

The quality assurance (QA) department is short-staffed and is unable to test all modules before the anticipated release date of an application. What security control is MOST likely to be violated?

Answer options

• A. Change management
• B. Separation of environments
• C. Program management
• D. Mobile code controls

Correct answer: A

Explanation

The correct answer is A, as insufficient testing can lead to unapproved changes being deployed, violating change management protocols. Options B, C, and D are less relevant in this context, as they pertain to environment separation, overall program oversight, and security measures for mobile code, respectively.