Answer is correct.
The Secure Software Development Lifecycle (SDLC) Process phases are
1. Requirement Gathering and Feasibility
2. Requirement Analysis
3. Design
4. Development/Coding
5. Testing
6. Maintenance
Note: It is essential that security be included in discussions and the SDLC process from the very initial stages.
Carter, Daniel. CCSP Certified Cloud Security Professional All-in-One Exam Guide, Second Edition (p. 169). McGraw-Hill Education. Kindle Edition.
The correct answer is "B";
The requirement analysis phase of the software development lifecycle focuses on gathering and documenting the functional and non-functional requirements of the software system. Programming languages, on the other hand, are not a requirement but a technical decision made later in the development process. Programming languages are chosen based on the project's needs and the expertise of the development team. Therefore, they should not be part of the requirement analysis phase.
The programming languages should not be part of the requirement analysis phase of the software development lifecycle. The requirement analysis phase focuses on gathering, analyzing, and documenting the functional and non-functional requirements of the software. It involves understanding the desired functionality, user needs, business processes, and system constraints
Security requirements should be part of the requirement analysis phase of the software development lifecycle, as security is an essential aspect of software development. During the requirement analysis phase, the software's security requirements should be identified and documented to ensure that the software is developed with the necessary security controls in place to protect against potential threats.
I comprehend why ISC2 wants "D" as the answer. Their point is that "security requirements" should be included at the EARLIEST possible point in the cycle. This would be the "Gathering and Feasibility" phase. Thus the question should be worded differently. The key is to comprehend that all of these have a role in this phase. Only one is firm before going into (prior to) this phase.
The correct answer is B. Programming languages. The requirement analysis phase is the first phase of the software development lifecycle, and it involves gathering and documenting the functional and non-functional requirements for the software. This includes things like the desired functionality of the software, the software platform, and the security requirements. Programming languages are not typically part of this phase, as they are typically selected later in the development process based on the requirements and other factors.
D is definitely not the answer.
Per CBK 3rd edition page 122. "This phase includes gathering business and security requirement."
Also per NIST SDLC, "Security planning should begin in the initiation phase with the identification of key security roles to be carried out in the development of the system."
The correct answer is Programming language (B).
CCSP official study guide says , we should refrain from choosing specific tool or technology in Requirement phase.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MahesswarShriMohanty
Highly Voted 4 years, 4 months agoNord
Highly Voted 3 years, 9 months agoNobleGiantz
3 years, 9 months agoTraceSplice
Most Recent 8 months, 1 week agoKneebee
1 year, 1 month agoescaprix
1 year, 5 months agoPika26
1 year, 6 months agoPika26
1 year, 7 months agobp339
1 year, 7 months agoLenell
1 year, 10 months agohanyahmed
1 year, 11 months agoDA95
1 year, 11 months agoEric0223
2 years, 1 month agozxccvbnm
2 years, 3 months agoF34
2 years, 6 months agokepalon
2 years, 8 months ago[Removed]
2 years, 10 months agopete1981
2 years, 10 months ago