nerdexam
Isaca

CDPSE · Question #270

Which of the following BEST demonstrates that security considerations are embedded in DevOps operations for application development?

The correct answer is B. Application hardening is performed before rollout of the application.. DevSecOps means security is integrated as an active, technical step within the development and deployment pipeline-not just as a policy or training exercise. Application hardening before rollout (reducing attack surfaces, disabling unnecessary services, applying secure configurat

Privacy Architecture

Question

Which of the following BEST demonstrates that security considerations are embedded in DevOps operations for application development?

Options

  • AThe compliance team is involved in both pre-implementation and post-implementation stages.
  • BApplication hardening is performed before rollout of the application.
  • CCode review is conducted during the software development life cycle (SDLC).
  • DThe engineering team has been trained on security and privacy policies.

How the community answered

(21 responses)
  • A
    10% (2)
  • B
    81% (17)
  • C
    5% (1)
  • D
    5% (1)

Explanation

DevSecOps means security is integrated as an active, technical step within the development and deployment pipeline-not just as a policy or training exercise. Application hardening before rollout (reducing attack surfaces, disabling unnecessary services, applying secure configurations) is a concrete technical security control embedded directly in the release process. Options A and D reflect organizational involvement and awareness, but not technical embedding. Option C (code review during SDLC) is a good practice but is not specific to DevOps operations; it describes a general SDLC activity.

Topics

#DevSecOps#Application Security#Security Controls#Secure Software Development Life Cycle

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice