During the initial phase of a mission-critical financial system development, the security architect must determine which of the following approaches is BEST for gathering stakeholders' security requirements?
Conduct facilitated workshops with key stakeholders representing different business functions
Review past security breach reports from similar financial institutions to define requirements
Delegate security requirement gathering to department heads who will submit their needs independently
Deploy automated scanning tools to generate a list of security requirements based on industry standards
The correct answer is conducting facilitated workshops with key stakeholders representing different business functions. When gathering security requirements for mission-critical systems, especially financial ones, bringing together diverse stakeholders in facilitated workshops provides several advantages. This approach ensures comprehensive input from various perspectives (technical, business, compliance, end-users), allows for real-time discussion of security trade-offs, helps build consensus, and identifies potential conflicts early. The other approaches have limitations: automated scanning tools focus on technical vulnerabilities rather than business requirements; reviewing past breach reports may provide insights but doesn't capture current business needs or priorities; and delegating requirement gathering to department heads may miss cross-functional dependencies and create disjointed requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are facilitated workshops and why are they effective?
Open an interactive chat with Bash
What is stakeholder engagement, and why is it crucial in security requirement gathering?
Open an interactive chat with Bash
What are the limitations of relying solely on automated scanning tools for security requirements?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access