ISC2 Exam CISSP Topic 6 Question 76 Discussion

Actual exam question for ISC2's CISSP exam

Question #: 76
Topic #: 6

A security professional recommends that a company integrate threat modeling into its Agile development processes. Which of the following BEST describes the benefits of this approach?

AReduce application development costs.

BPotential threats are addressed later in the Software Development Life Cycle (SDLC).

CImprove user acceptance of implemented security controls.

DPotential threats are addressed earlier in the Software Development Life Cycle (SDLC).

Show Suggested Answer

Suggested Answer: B

by Arlene at Oct 06, 2023, 03:33 PM

Limited Time Offer

25%

Off

Get Premium CISSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Sommer

1 days ago

Haha, reducing application development costs? That's a good one! Security is an investment, not a cost-saving measure. I'll go with option D.

upvoted 0 times

...

Kristine

7 days ago

Option B seems incorrect. Addressing threats later in the SDLC is actually a drawback, not a benefit. Threat modeling helps shift security to the left, which is the way to go.

upvoted 0 times

...

Selene

8 days ago

Yeah, it can improve the overall security of the application.

upvoted 0 times

...

I think option D is the best answer. Addressing potential threats earlier in the SDLC is a key benefit of integrating threat modeling into Agile development. This helps identify and mitigate issues before they become more costly to fix.

upvoted 0 times

...

Justine

13 days ago

I agree, it helps address potential threats earlier in the SDLC.

upvoted 0 times

...

Gretchen

14 days ago

I think integrating threat modeling into Agile development is a good idea.

upvoted 0 times

...

ISC2 Exam CISSP Topic 6 Question 76 Discussion

Contribute your Thoughts:

Sommer

Kristine

Selene

German

Justine

Gretchen