exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam

Exam CISSP topic 1 question 315 discussion

Actual exam question from ISC's CISSP
Question #: 315
Topic #: 1
[All CISSP Questions]

Who should perform the design review to uncover security design flaws as part of the Software Development Life Cycle (SDLC)?

  • A. A security subject matter expert (SME)
  • B. A developer subject matter expert (SME)
  • C. The business owner
  • D. The application owner
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
jimbo_jones
5 months, 4 weeks ago
Selected Answer: A
A would be the only answer of evaluating a security flaw properly
upvoted 1 times
...
user009
11 months, 3 weeks ago
The correct answer is A. A security subject matter expert (SME). Explanation: A security subject matter expert (SME) should perform the design review during the Software Development Life Cycle (SDLC) to uncover security design flaws. A security SME has the knowledge and expertise required to identify potential vulnerabilities and weaknesses in the software's design and architecture. They can provide guidance on implementing security best practices and ensuring the application meets the organization's security requirements. Incorrect answers: B. A developer subject matter expert (SME): While a developer SME can provide valuable input on the functionality and performance of the software, they may not have the specialized security expertise needed to identify and address security design flaws.
upvoted 3 times
jackdryan
10 months ago
A is correct
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago