A deployment manager is working with a software development group to assess the security of a new version of the organization's internally developed ERP tool. The organization prefers to not perform assessment activities following deployment, instead focusing on assessing security throughout the life cycle. Which of the following methods would BEST assess the security of the product?
A) Static code analysis in the IDE environment
B) Penetration testing of the UAT environment
C) Vulnerability scanning of the production environment
D) Penetration testing of the production environment
E) Peer review prior to unit testing
Correct Answer:
Verified
Q26: A SaaS-based email service provider often receives
Q27: A web developer has implemented HTML5 optimizations
Q28: The Chief Information Security Officer (CISO) has
Q29: An organization is preparing to develop a
Q30: A hospital's security team recently determined its
Q32: A security engineer must establish a method
Q33: Which of the following BEST represents a
Q34: A company is developing requirements for a
Q35: A team is at the beginning stages
Q36: An agency has implemented a data retention
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents