Secure SDLC — CompTIA CySA+ (CS0-003) Practice Questions

The Secure Software Development Life Cycle (Secure SDLC) integrates security controls and reviews at every phase of software development, from requirements and design through coding, testing, and deployment. On the CySA+ exam, candidates are expected to know where security activities such as threat modeling, static analysis, and penetration testing fit within the SDLC. Integrating security early, often called shifting left, reduces the cost and risk of remediating vulnerabilities discovered late in development or after release. Analysts working with development teams need this knowledge to communicate findings and recommend fixes in context.

Free questions on Secure SDLC

An analyst discovers that user account passwords are stored in plaintext in an application configuration file. This is discovered during a code review before the application is deployed to production. What is the appropriate response?
