Question

A security engineer is embedded with a development team to ensure security is built into products being developed. The security engineer wants to ensure developers are not blocked by a large number of security requirements applied at specific schedule points.

Which of the following solutions BEST meets the engineer's goal?

A. Schedule weekly reviews of al unit test results with the entire development team and follow up between meetings with surprise code inspections.
B. Develop and implement a set of automated security tests to be installed on each development team leader's workstation.
C. Enforce code quality and reuse standards into the requirements definition phase of the waterfall development process.
D. Deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback.

Answer 1

The best solution is to deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback.

Step-by-step explanation:

The solution that best meets the security engineer's goal is option D, which is to deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback.

By implementing this solution, the security engineer ensures that developers are not blocked by a large number of security requirements applied at specific schedule points. The integrated software tool allows for continuous and automated security testing, providing developers with real-time feedback on the security of their code. This way, security is built into the products being developed without causing delays or disruptions in the development process.