CAS-001 Question #88: Real Exam Question with Answer & Explanation

The correct answer is B: Secure Software Implementation. The Secure Software Implementation phase is where developers write the actual code. It is in this phase that secure coding practices are applied, exploit mitigations (e.g., stack canaries, input bounds checking) are built in, and unit tests-including security-focused tests-are wr

Question

Unit testing for security functionality and resiliency to attack, as well as developing secure code and exploit mitigation, occur in which of the following phases of the Secure Software Development Lifecycle?

Options

ASecure Software Requirements
BSecure Software Implementation
CSecure Software Design
DSoftware Acceptance

Explanation

The Secure Software Implementation phase is where developers write the actual code. It is in this phase that secure coding practices are applied, exploit mitigations (e.g., stack canaries, input bounds checking) are built in, and unit tests-including security-focused tests-are written and executed to verify that individual components behave correctly and resist attack. The Requirements phase defines what security controls are needed. The Design phase plans how those controls will be architected. Software Acceptance involves higher-level integration and user acceptance testing, not unit-level security testing of individual code components.

Community Discussion

No community discussion yet for this question.

Full CAS-001 Practice