A security analyst has been asked to perform a review of an organization’s software development
lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate
and provide critical feedback of another developer’s code. Which of the following assessment techniques
is BEST described in the analyst’s report?
A.
Architecture evaluation
B.
Baseline reporting
C.
Whitebox testing
D.
Peer review