In a system life cycle, information security controls should be:
A.
Designed during the product implementation phase.
B.
Specified after the coding phase.
C.
Part of the feasibility phase.
D.
Implemented prior to validation.
Explanation:
In the system life cycle, information security
controls should be part of the feasibility phase. The other
answers are incorrect because the basic premise of information system
security is that controls should be included in the earliest phases
of the software life cycle and not added later in the cycle or as an
afterthought.
Planning phase
0
0