SSCP · Question #282
SSCP Question #282: Real Exam Question with Answer & Explanation
The correct answer is C: Functional design analysis and Planning. Security requirements are formally developed during the Functional Design Analysis and Planning phase, where system requirements - including security needs - are identified, analyzed, and documented before any implementation begins. Building security in at the design stage is a c
Question
During which phase of an IT system life cycle are security requirements developed?
Options
- AOperation
- BInitiation
- CFunctional design analysis and Planning
- DImplementation
Explanation
Security requirements are formally developed during the Functional Design Analysis and Planning phase, where system requirements - including security needs - are identified, analyzed, and documented before any implementation begins. Building security in at the design stage is a core principle ('security by design'). The Initiation phase (B) identifies the need for the system at a high level. Implementation (D) and Operation (A) occur after requirements have already been defined.
Topics
Community Discussion
No community discussion yet for this question.