The options provided relate to different privacy-preserving practices in the SDLC. The goal is to identify the least effective one for privacy preservation.
Option A: Conducting privacy threat modeling for the use-case is essential as it helps identify potential privacy threats early in the SDLC. This is a proactive measure and is highly effective.
Option B: Following secure and privacy coding standards ensures that the code adheres to best practices for security and privacy, which is crucial for preventing vulnerabilities.
Option C: Developing data flow modeling to identify sources and destinations of sensitive data is critical for understanding and protecting sensitive information throughout the system.
Option D: Reviewing the code against OWASP Top 10 Security Risks is more focused on security vulnerabilities rather than privacy-specific issues. While it is a critical practice for overall system security, it does not specifically address privacy concerns as comprehensively as the other options.
References:
IAPP CIPT Study Guide
OWASP Top 10 Documentation
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit