nerdexam
(ISC)2

CISSP · Question #538

Functional security testing is MOST critical during which phase of the system development life cycle (SDLC)?

The correct answer is C. Acquisition / Development. Functional security testing is most critical during the acquisition / development phase of the system development life cycle (SDLC). Functional security testing is a type of software testing that verifies that the system meets the functional security requirements and specificatio

Submitted by jakub_pl· Mar 5, 2026Software Development Security

Question

Functional security testing is MOST critical during which phase of the system development life cycle (SDLC)?

Options

  • AOperations / Maintenance
  • BImplementation
  • CAcquisition / Development
  • DInitiation

How the community answered

(50 responses)
  • A
    2% (1)
  • B
    2% (1)
  • C
    92% (46)
  • D
    4% (2)

Explanation

Functional security testing is most critical during the acquisition / development phase of the system development life cycle (SDLC). Functional security testing is a type of software testing that verifies that the system meets the functional security requirements and specifications, such as authentication, authorization, encryption, logging, and error handling. Functional security testing can help identify and correct any security flaws or vulnerabilities in the system before it is deployed or released. The acquisition / development phase is the phase where the system is designed, coded, tested, and integrated. This is the phase where functional security testing should be performed as part of the quality assurance and security assurance processes, and where security should be built into the system from the start, following the principle of secure by

Topics

#SDLC#functional security testing#security in development#software assurance

Community Discussion

No community discussion yet for this question.

Full CISSP Practice