When considering an IT System Development Life-cycle, security should be:

A.
Mostly considered during the initiation phase.

B.
Mostly considered during the development phase.

C.
Treated as an integral part of the overall system design.

D.
Added once the design is completed.

Explanation:
Within the System Development Life-cycle (SDLC) model, security is critical in each phase of the life cycle.
Incorrect Answers:
A: Security is critical to each phase of the SDLC model, not only the initiation phase.
B: Security is critical to each phase of the SDLC model, not only the development phase.
D: Security is critical to each phase of the SDLC model, and is not added when the design is completed.

Conrad, Eric, Seth Misenar and Joshua Feldman, CISSP Study Guide, 2nd Edition, Syngress, Waltham, 2012,
p. 1087