A large financial institution is implementing a new CRM system that will integrate with their existing banking applications. During the integration phase, the security team identifies several potential vulnerabilities. Which approach should the security architect recommend to address these vulnerabilities while maintaining the project timeline?
Implement security controls as part of the integration process and conduct security testing before moving to production
Deploy the integrated system and implement security controls after confirming functionality in production
Accelerate the integration timeline and reduce the scope of security controls to meet business demands
Postpone security implementation until after integration is complete to avoid delaying the project timeline
The correct answer is to implement security controls as part of the integration process and conduct security testing before moving to production. This approach follows secure system integration practices by addressing security issues during the integration phase rather than postponing them. Integration testing with security controls in place helps identify interaction vulnerabilities between components before deployment.
Postponing security until after integration is complete violates the principle of building security in from the start and can lead to significant rework if vulnerabilities are found later. Accelerating the timeline at the expense of security controls introduces unnecessary risk. Implementing all security controls after deployment creates a window of vulnerability and may be more costly to remediate than addressing issues during integration.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are security controls and why are they important during system integration?
Open an interactive chat with Bash
What is secure system integration and how does it differ from regular integration?
Open an interactive chat with Bash
What are the common vulnerabilities that might be identified during the integration phase?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access