A large financial institution is implementing a new CRM system that must integrate with its existing banking applications, data warehouses, and customer authentication services. During the integration phase of the project, the security team identifies several potential vulnerabilities that could affect confidential customer data. Which approach should the security architect recommend to address these vulnerabilities while keeping the project on schedule?
Deploy the integrated system and implement security controls after confirming functionality in production
Implement security controls as part of the integration process and conduct security testing before moving to production
Postpone security implementation until after integration is complete to avoid delaying the project timeline
Accelerate the integration timeline and reduce the scope of security controls to meet business demands
The correct answer is to implement security controls as part of the integration process and conduct security testing before moving to production. This approach follows secure system integration practices by addressing security issues during the integration phase rather than postponing them. Integration testing with security controls in place helps identify interaction vulnerabilities between components before deployment.
Postponing security until after integration is complete violates the principle of building security in from the start and can lead to significant rework if vulnerabilities are found later. Accelerating the timeline at the expense of security controls introduces unnecessary risk. Implementing all security controls after deployment creates a window of vulnerability and may be more costly to remediate than addressing issues during integration.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are secure system integration practices?
Open an interactive chat with Bash
Why is it important to address security during the integration phase?
Open an interactive chat with Bash
What types of security testing should be conducted before system deployment?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .