SY0-301 · Question #310
Which of the following assessment techniques would a security administrator implement to ensure that systems and software are developed properly?
The correct answer is D. Design reviews. Design reviews are a proactive assessment technique performed during the software development lifecycle (SDLC) to evaluate architecture, design decisions, and security controls before or during development - ensuring systems are built properly from the ground up. Baseline reporti
Question
Which of the following assessment techniques would a security administrator implement to ensure that systems and software are developed properly?
Options
- ABaseline reporting
- BInput validation
- CDetermine attack surface
- DDesign reviews
How the community answered
(18 responses)- A6% (1)
- B6% (1)
- D89% (16)
Explanation
Design reviews are a proactive assessment technique performed during the software development lifecycle (SDLC) to evaluate architecture, design decisions, and security controls before or during development - ensuring systems are built properly from the ground up. Baseline reporting (A) compares current system state against a known-good standard, used for operational monitoring rather than development assurance. Input validation (B) is a coding-level security control that sanitizes user input to prevent injection attacks - it is a development practice, not an assessment technique. Determining the attack surface (C) identifies potential entry points, which is a threat modeling activity. Design reviews specifically address whether the overall system and software design meets security and functional requirements, making it the correct assessment technique for ensuring proper development.
Topics
Community Discussion
No community discussion yet for this question.