SDLC Security requirement
The SDLC Security requirement are defined in
a) Project Initiation and Planning or
b) Functional design analysis and planning
Which of the above is correct and could you rationale your answer.
a) Project Initiation and Planning or
b) Functional design analysis and planning
Which of the above is correct and could you rationale your answer.
Comments
Security requirements are considered non-functional requirements, so B would not be the correct answer.
Basing that answer off of something I read in my Software Engineering class and not for something I read while prepping for the CISSP.
2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete
2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete
Is my assumption correct?
Security is identified in Project Initiation and Planning phase
Security is defined during Functional design analysis and planning
It lead me to answer to this question.
Who is responsible for data classification?
a) Data Owner
b) Senior Management