nerdexam
(ISC)2

CISSP · Question #709

In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?

The correct answer is B. Initiation. Security training for the development team should begin in the initiation phase of the System Development Life Cycle (SDLC). This is the phase where the security requirements and objectives are defined and the project scope and feasibility are determined. The development team sho

Submitted by jaden.t· Mar 5, 2026Software Development Security

Question

In what phase of the System Development Life Cycle (SDLC) should security training for the development team begin?

Options

  • ADevelopment/Acquisition
  • BInitiation
  • CImplementation/ Assessment
  • DDisposal

How the community answered

(50 responses)
  • A
    2% (1)
  • B
    92% (46)
  • C
    4% (2)
  • D
    2% (1)

Explanation

Security training for the development team should begin in the initiation phase of the System Development Life Cycle (SDLC). This is the phase where the security requirements and objectives are defined and the project scope and feasibility are determined. The development team should be aware of the security expectations and best practices from the start of the project, and receive continuous training throughout the SDLC. The other phases are not the best time to start security training, as they involve more specific tasks such as design, coding, testing, deployment, and maintenance.

Topics

#SDLC security#security training#security by design#initiation phase

Community Discussion

No community discussion yet for this question.

Full CISSP Practice