Professional Scrum Master II (PSM II) — Question 53

What is a good way for a Scrum Team to ensure that security concerns are addressed and transparent?

Answer options

• A. Add Security Sprints to resolve security concerns when needed.
• B. Have the Scrum Team create Product Backlog items for each concern and/or add security concerns to the definition of ג€Doneג€.
• C. Create a separate backlog for security items and only work on the items when a specialist becomes available.
• D. Delegate the work to an external team.

Correct answer: B

Explanation

The correct answer, B, emphasizes the importance of integrating security concerns directly into the Product Backlog and the definition of 'Done', ensuring that they are continuously addressed throughout the project. Option A is insufficient as it only tackles security sporadically during special sprints, while C and D both remove responsibility from the Scrum Team, which undermines the collaborative nature of Scrum.