Which statement is NOT aligned with Req 6.5 for software development practices?

Multiple Choice

Explanation:
Req 6.5 expects that software developed internally follows secure coding practices. It supports establishing secure coding guidelines as a baseline, training developers in secure coding techniques, and building applications in line with those secure guidelines. Training helps developers recognize and prevent common vulnerabilities; a secure coding baseline ensures everyone uses the same secure standards; and building software based on those guidelines translates security into the actual product.

The statement that is not aligned is developing applications based on insecure coding guidelines. Using insecure guidelines would propagate vulnerabilities through the software, directly contradicting the purpose of secure development practices under this requirement. The other statements—training developers in secure techniques, establishing secure coding guidelines as a baseline, and developing applications according to those secure guidelines—are all consistent with Req 6.5.
