A security architect has been engaged during the implementation stage of the SDLC to review a new HR software installation for security gaps. With the project under a tight schedule to meet market commitments on project delivery, which of the following security activities should be prioritized by the security architect? (Select TWO).
A . Perform penetration testing over the HR solution to identify technical vulnerabilities
B . Perform a security risk assessment with recommended solutions to close off high-rated risks
C . Secure code review of the HR solution to identify security gaps that could be exploited
D . Perform access control testing to ensure that privileges have been configured correctly
E . Determine if the information security standards have been complied with by the project
Answer: B, E
Leave a Reply