Level 32 Level 34
Level 33

466 - 480


15 words 0 ignored

Ready to learn       Ready to review

Ignore words

Check the boxes below to ignore/unignore words, then click save at the bottom. Ignored words will never appear in any learning session.

All None

Ignore?
Organizations often commit significant
Resources (e.g., people, applications, facilities and technology) to
The SDLC process
Guides the phases deployed in the development or acquisition of a software system and,
The SDLC includes
IT processes for managing and controlling project activity, An objective for each phase of
The SDLC requirements
Is a formal process to characterize design requirements
The SDLC design requirements that include
Business requirements (what system should do), Functional
The design and deployment of controls will often be undertaken
As a systems development project
Not considering the security in the design of a system or application
Is one of the major contributing factors
Too often, security is an afterthought
and controls are retrofitted in an ad hoc way only after security
Security and risk mitigation
Should be formal design criteria in any SDLC process and start with threat and
testing phase of SDLC includes
A program, subsystem or application, and the designed security controls perform
Code review processes
Vary from informal processes to very formal walk-throughs, team review or code inspections
Security should be an integrated part of
Any review process
Development and testing environments
Are relatively open and often have fewer access controls due to the
production environments
To minimize a compromise or misconfiguration being introduced or cascading through the
Different access controls (credentials)
Should be used between the different environments