hiexam
comptia · CAS-003 · Q428 · multiple_choice · topic_1

A security engineer is working with a software development team. The engineer is tasked with ensuring all security requirements are adhered to by the developers. Which of the following BEST describes the contents of the supporting document the engineer is creating?
  • A. A series of ad-hoc tests that each verify security control functionality of the entire system at once.
  • B. A series of discrete tasks that, when viewed in total, can be used to verify and document each individual constraint from the SRTM.
  • C. A set of formal methods that apply to one or more of the programming languages used on the development project.
  • D. A methodology to verify each security control in each unit of developed code prior to committing the code.
Explanation
B. A security requirements traceability matrix (SRTM) is a grid that allows documentation and easy viewing of what is required for a system’s security. SRTMs are necessary in technical projects that call for security to be included.

Reference: examtopics_top_comment
