Certified Information Systems Security Professional – CISSP – Question336

In order for application developers to detect potential vulnerabilities earlier during the Software Development Life Cycle (SDLC), which of the following safeguards should be implemented FIRST as part of a comprehensive testing framework?

A.
Source code review
B. Acceptance testing
C. Threat modeling
D. Automated testing

Correct Answer: A