CySA+ CS0-001 – Q. 215


A security analyst performed a review of an organization’s software development life cycle. The analyst reports that the life cycle does not contain in a phase in which team members evaluate and provide critical feedback on another developer’s code. Which of the following assessment techniques is BEST for describing the analyst’s report?

A. Architectural evaluation
B. Waterfall
C. Whitebox testing
D. Peer review