Security issues often arise due to vulnerabilities in the code. Training developers in secure coding practices helps mitigate this risk.
A security training program equips developers to identify and address common vulnerabilities like injection flaws, insecure deserialization, and others.
Why Other Options Are Less Relevant:
A. Network-based intrusion detection systems: Useful for detecting attacks but do not address the root cause of insecure coding.
C. A risk management process: Focuses on organizational risk but does not directly resolve development flaws.
D. An audit management process: Ensures compliance but does not directly enhance developer knowledge or secure coding practices.
EC-Council CISO Reference:Emphasis is placed on proactive security measures, including developer training, as a core aspect of reducing vulnerabilities.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit