CISM Certified Information Security Manager – Question0734

In which of the following system development life cycle (SDLC) phases are access control and encryption algorithms chosen?

A.
Procedural design
B. Architectural design
C. System design specifications
D. Software development

Correct Answer: C

Explanation:

Explanation:
The system design specifications phase is when security specifications are identified. The procedural design converts structural components into a procedural description of the software. The architectural design is the phase that identifies the overall system design, hut not the specifics. Software development is too late a stage since this is the phase when the system is already being coded.