Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 362 discussion

Actual exam question from ISC's CISSP
Question #: 362
Topic #: 1
[All CISSP Questions]

A company is moving from the V model to Agile development. How can the information security department BEST ensure that secure design principles are implemented in the new methodology?

  • A. Information security requirements are captured in mandatory user stories.
  • B. All developers receive a mandatory targeted information security training.
  • C. The information security department performs an information security assessment after each sprint.
  • D. The non-financial information security requirements remain mandatory for the new model.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Cww1 at Sept. 17, 2022, 4:03 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
inmymind84
Highly Voted 2 years, 2 months ago
Selected Answer: A
Assessment cannot guarantee that security principles will be implemented :). A is fine.
upvoted 8 times
jackdryan
1 year, 6 months ago
A is correct
upvoted 1 times
...
...
JAckThePip
Highly Voted 2 years, 1 month ago
Answer is C https://www.breachlock.com/agile-security-devops/
upvoted 5 times
...
klarak
Most Recent 6 months, 3 weeks ago
Selected Answer: C
Rule 1: ANSWER THE ACTUAL QUESTION. It asks has INFORMATION SECURITY can solve this scenario which means C. It can't be A because user stories are a QA/QC function
upvoted 1 times
...
Soleandheel
11 months, 2 weeks ago
A. Information security requirements are captured in mandatory user stories. By capturing information security requirements in mandatory user stories, the security considerations are integrated into the development process, ensuring that secure design principles are addressed throughout the Agile development lifecycle. This approach aligns with the Agile principle of satisfying customers through early and continuous delivery of valuable work, as well as the 12 core principles of Agile, which emphasize the importance of integrating security requirements into the development process to ensure sustainable and secure efforts.
upvoted 1 times
...
ACunningPlan
1 year, 7 months ago
Selected Answer: A
Ha ha, if they did assessment every Sprint it wouldn't be long before nobody was taking it seriously.
upvoted 2 times
...
wedso
1 year, 10 months ago
Selected Answer: C
sprint model
upvoted 2 times
...
WiDeBarulho
2 years, 1 month ago
Selected Answer: A
If they're moving from Agile development model clearly they don't want to be doing tests after each sprint as that is one of the downsides of Agile. Therefore it is critical that security requirements are properly captured before moving to a new methodology.
upvoted 1 times
franbarpro
2 years, 1 month ago
A company is moving from the V model to Agile development
upvoted 2 times
...
...
Cww1
2 years, 2 months ago
im going C
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel