CDPSE Question #118: Real Exam Question with Answer & Explanation

The correct answer is B: Early in the design phase. The best time during the secure development life cycle to perform privacy threat modeling is early in the design phase, because this will help identify and mitigate the potential privacy risks and vulnerabilities of the system or application before they become costly or difficult

Privacy Architecture

Question

When is the BEST time during the secure development life cycle to perform privacy threat modeling?

Options

AWhen identifying business requirements
BEarly in the design phase
CDuring functional verification testing
DPrior to the production release

Explanation

The best time during the secure development life cycle to perform privacy threat modeling is early in the design phase, because this will help identify and mitigate the potential privacy risks and vulnerabilities of the system or application before they become costly or difficult to fix. Privacy threat modeling is a systematic process of analyzing the data flows, assets, actors, and scenarios of a system or application to identify and prioritize the privacy threats and countermeasures. Performing privacy threat modeling early in the design phase will also help ensure that privacy is built into the system or application from the start, rather than as an afterthought.

Topics

#Privacy Threat Modeling#Secure Development Life Cycle#Privacy by Design#System Design

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice Browse All CDPSE Questions