A security engineer is required to integrate security into a software project that is implemented by small groups that quickly, continuously, and independently develop, test, and deploy code to the cloud. The engineer will MOST likely integrate with which software development process?
A security engineer looking to integrate security into a software project that involves small groups rapidly and independently developing, testing, and deploying code to the cloud is most likely to integrate with the DevOps Integrated Product Team (IPT) process. DevOps emphasizes collaboration between development and IT operations teams to allow for frequent, fast code releases, which aligns well with the described situation. DevOps practices are designed to support continuous integration and continuous delivery (CI/CD), making them well-suited for environments requiring quick and independent code deployments.
An Integrated Product Team (IPT) is a team composed of representatives from appropriate functional disciplines working together to build successful programs, identify and resolve issues, and make sound and timely recommendations to facilitate decision-making. The spiral model is a systems development lifecycle (SDLC) method used for risk management that combines the iterative development process model with elements of the Waterfall model. The spiral model is used by software engineers and is favored for large, expensive and complicated projects. Going with "D" - bcs they are looking for the MOST likely for software development process.
Software Development “process” can only be B or D
Devops can release code multiple times per day. Spiral uses iterations of the waterfall method, so it's iterative but not fast.
A is correct
Answer is D "Development is fast and features are added in a systematic way in Spiral development" https://www.guru99.com/what-is-spiral-model-when-to-use-advantages-disadvantages.html
Agree to A, it's Agile type
Spiral is a slow development model (typically 6 months). An integrated Product Team (IPT) is made up of small teams that work to deliver products continuously. https://www.clickittech.com/devops/devops-team/
Another is DevOps, a set of principles and general practices than a development model. DevOps stresses the collaboration of developers and IT operations teams to form an environment where software can be rapidly developed, tested, and released in a largely automated process
BTW, Integrated Product Team (IPT) requires the team to work together, not independently.
CISSP Official Student Guide pg 60 "An IPT is a team of stakeholders and individuals that possess various skills who work together to achieve a defined process or product. IPTs would draw from many different disciplines across the organization and across the business or mission area, to engage many different viewpoints consistently throughout the lifecycle of the new system being developed." The answer indicated a DEVOPS IPT; a software development version of IPT. Also, it not Spiral because Spiral is a modified version of the Waterfall method - it is not agile; it just allows for iterations.
D seems correct. From the CBK - The *DevOps* model is closely aligned with the Agile development approach and aims to dramatically decrease the time required to develop, test, and deploy software changes.
Sorry, I meant A
Answer is D
What about the waterfall?
The answer is C given that small groups work "independently." SOA allows the use of API between independently deployed apps.
A. Devops Integrated Product Team (IPT) In a DevOps environment, small groups quickly develop, test, and deploy code to the cloud continuously and independently. Integrating security into the DevOps process is essential to ensure that security considerations are addressed throughout the development lifecycle, rather than as an afterthought.
Devops working in independent teams
Based on keyword 'quickly'. , B &D are excluded. A- Devops focus on teamwork, more discussion and communicaiton C- SOA- Small groups, quick,independently work/develop
Continuous integration? Sounds a lot like CI/CD pipeline... more in line with DevOps. Thats how I came to my conclusion. Answer is A.