You need to recommend a security methodology for a DevOps development process based on the Microsoft Cloud Adoption Framework for Azure. During which stage of a continuous integration and continuous deployment (CI/CD) DevOps process should each security-related task be performed?

Note: Each correct selection is worth one point.

To provide context, modern development practices often follow an agile methodology. Scrum, a popular implementation of the agile methodology, begins each sprint with a planning activity. Integrating security into this part of the development process involves the following tasks:

• Conducting threat modeling to view the application from the perspective of a potential attacker
• Using IDE security plug-ins and pre-commit hooks for lightweight static analysis checks within an integrated development environment (IDE)
• Implementing peer reviews and secure coding standards to ensure effective security coding practices and peer review processes, including pre-commit hooks.