Which of the following is the BEST technique to facilitate secure software development?
Correct Answer: A
Secure software development is a process of designing, developing, testing, and maintaining software systems or applications that meet the security requirements and standards of the organization and the stakeholders. The best technique to facilitate secure software development is to adhere to secure coding practices for the software application under development. Secure coding practices are guidelines or principles that help to prevent or mitigate common security vulnerabilities or flaws in the software code, such as buffer overflow, injection, cross-site scripting, or broken authentication. Secure coding practices can help to improve the quality, reliability, and security of the software application, as well as reduce the cost and time of fixing the security issues later. Conducting penetration testing, developing a threat modeling review, or performing a code review process are also good techniques to facilitate secure software development, but they are not as effective or proactive as adhering to secure coding practices. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 21: Software Development Security, page 1157; CISSP Official (ISC)2 Practice Tests, Third Edition, Domain 8: Software Development Security, Question 8.1, page 302.