SeSDLC

Created by

Zach Tecson

Cards (6)

The ____ phase of the SecSDLC begins with a directive from upper management, dictating the process, outcomes, and goals of the project, as well as its budget and other constraints.
Frequently, this phase begins with an enterprise information security policy (EISP), which outlines the implementation of a security program within the organization.
Investigation
In the ____ phase, the documents from the investigation phase are studied. The development team conducts a preliminary analysis of existing security policies or programs, along with that of documented current threats and associated controls.
This phase also includes an ____ of relevant legal issues that could affect the design of the security solution.
Analysis
The ____ phase creates and develops the blueprints for information security and examines and implements key policies that influence later decisions.
Also at this stage, the team plans the incident response actions to be taken in the event of partial or catastrophic loss.
Logical Design
The ____ phase evaluates the information security
technology needed to support the blueprint outlined in the logical
design generates alternative solutions and determines a final
design.
Physical Design
The security solutions are acquired (made or bought), tested, implemented, and tested again.
Personnel issues are evaluated, and specific training and education programs conducted.
Implementation
Information security systems need constant monitoring, testing, modification, updating, and repairing.
Maintenance and Change