At which of the following phases of a software development life cycle are security and access
controls normally designed?
A.
Coding
B.
Product design
C.
Software plans and requirements
D.
Detailed design
Explanation:
Security controls and access controls are normally designed in the “Detailed” phase
of design. In this phase you have the design of many of the security features of your development
like authentication, confidentiality functionality, non repudiation capabilities. In this phase you can
also define what is going to be the access control method for the software, we can make it
discretionary (less restrictive), mandatory (more restrictive), role based and others.