Which activity is a core phase of a secure SDLC?

Enhance your coding skills with the Code Standards and Practices Level 3 Test. Access well-crafted questions, insightful explanations, and progress tracking to master this exam. Prepare effectively for your Level 3 certification with our comprehensive study materials!

Multiple Choice

Which activity is a core phase of a secure SDLC?

Explanation:
Threat modeling identifies potential security threats and attack paths early in the software development life cycle. By analyzing assets, actors, and how the system could be attacked, it helps teams design appropriate protections into the architecture and requirements, shifting security left to reduce risk and cost. Marketing planning, customer training, and data migration serve goals outside secure design—marketing focuses on product launches, customer training happens after deployment for usage, and data migration deals with moving data between environments—so they aren’t the activities that directly advance secure development.

Threat modeling identifies potential security threats and attack paths early in the software development life cycle. By analyzing assets, actors, and how the system could be attacked, it helps teams design appropriate protections into the architecture and requirements, shifting security left to reduce risk and cost. Marketing planning, customer training, and data migration serve goals outside secure design—marketing focuses on product launches, customer training happens after deployment for usage, and data migration deals with moving data between environments—so they aren’t the activities that directly advance secure development.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy