CSSLP · Question #227
CSSLP Question #227: Real Exam Question with Answer & Explanation
The correct answer is C: Implementation Phase. The Implementation Phase of the SDLC is where a system's security features are configured and activated, the system undergoes testing, is installed, and receives authorization to operate. This phase transitions the system from development to a functional, secure state.
Question
In which of the following SDLC phases is the system's security features configured and enabled, the system is tested and installed or fielded, and the system is authorized for processing?
Options
- ADevelopment/Acquisition Phase
- BOperation/Maintenance Phase
- CImplementation Phase
- DInitiation Phase
Explanation
The Implementation Phase of the SDLC is where a system's security features are configured and activated, the system undergoes testing, is installed, and receives authorization to operate. This phase transitions the system from development to a functional, secure state.
Common mistakes.
- A. The Development/Acquisition Phase focuses on designing, coding, and acquiring the system, not typically the final configuration, testing, and authorization for processing.
- B. The Operation/Maintenance Phase focuses on the day-to-day operation, monitoring, and ongoing maintenance of the system after it has been deployed, not the initial configuration, testing, and installation.
- D. The Initiation Phase involves defining the need for a system, conducting feasibility studies, and establishing initial security requirements, but does not involve the physical configuration, testing, or installation.
Concept tested. SDLC phases - Implementation Phase
Reference. https://csrc.nist.gov/publications/detail/sp/800-64/rev-2/final
Topics
Community Discussion
No community discussion yet for this question.