Which of the following phases of the ISSE model is used to determine why the system needs to be built and what information needs to be protected.
Click on the arrows to vote for the correct answer
A. B. C. D.C.
The Information Systems Security Engineering (ISSE) model is a structured framework that guides the development and management of secure information systems. The ISSE model consists of six phases, which are Initiation, Development, Implementation, Operation, Maintenance, and Disposal. Each of these phases is important in the overall process of developing and managing secure information systems.
The phase that is used to determine why the system needs to be built and what information needs to be protected is the Define system security requirements phase. This phase is focused on identifying and defining the security requirements for the information system.
During this phase, the security requirements are derived from the system requirements, the security policy, and other relevant documents. The security requirements describe what needs to be protected and how it needs to be protected. The security requirements also define the security objectives, constraints, and assumptions for the system.
The security requirements are used to guide the development of the security architecture and the security design. The security requirements are also used to verify that the security objectives are met throughout the system development life cycle.
The other phases of the ISSE model are also important in the overall process of developing and managing secure information systems. The Develop detailed security design phase is focused on developing a detailed design that meets the security requirements. The Discover information protection needs phase is focused on identifying and documenting the information that needs to be protected. The Define system security architecture phase is focused on developing the overall security architecture for the system.
In summary, the Define system security requirements phase is used to determine why the system needs to be built and what information needs to be protected. This phase is important in the overall process of developing and managing secure information systems, as it guides the development of the security architecture and the security design.