CSSLP Certification Sample Questions

The purpose of this Sample Question Set is to provide you with information about the ISC2 Secure Software Lifecycle Professional (CSSLP) exam. These sample questions will familiarize you with both the type and the difficulty level of the questions on the CSSLP certification test. To get familiar with the real exam environment, we suggest you try our Sample ISC2 CSSLP Certification Practice Exam. This sample practice exam simulates the real exam and gives an indication of the questions asked in the actual ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification exam.

These sample questions are simple, basic questions that resemble the real ISC2 Secure Software Lifecycle Professional exam questions. To assess your readiness and performance with real-time scenario-based questions, we suggest you prepare with our Premium ISC2 CSSLP Certification Practice Exam. When you solve real-time scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.

ISC2 CSSLP Sample Questions:

01. The amount of time by which business operations need to be restored to service levels as expected by the business when there is a security breach or disaster is known as
a) Maximum tolerable downtime (MTD)
b) Mean time before failure (MTBF)
c) Minimum security baseline (MSB)
d) Recovery time objective (RTO)
 
02. Which of the following legal instruments assures the confidentiality of software programs, processing logic, database schema, and internal organizational business processes and client lists?
a) Noncompete agreements
b) Nondisclosure agreements (NDA)
c) Service level agreements (SLA)
d) Trademarks
 
03. In which of the following software development methodologies does unit testing enable collective code ownership and play a critical role in software assurance?
a) Waterfall
b) Agile
c) Spiral
d) Prototyping
 
04. Certificate authority, registration authority, and certificate revocation lists are all part of which of the following?
a) Advanced encryption standard (AES)
b) Steganography
c) Public key infrastructure (PKI)
d) Lightweight directory access protocol (LDAP)
 
05. Developing software to monitor its functionality and report when the software is down and unable to provide the expected service to the business is a protection to assure which of the following?
a) Confidentiality
b) Integrity
c) Authentication
d) Availability
 
06. When reporting a security defect in the software, which of the following also needs to be reported so that variance from the intended behavior of the software can be determined?
a) Defect identifier
b) Title
c) Expected results
d) Tester name
 
07. As a means to assure the confidentiality of copyright information, the security analyst identifies the requirement to embed information inside another digital audio, video, or image signal. This is commonly referred to as
a) Encryption
b) Hashing
c) Licensing
d) Watermarking
 
08. A means of restricting access to objects based on the identity of subjects and/or groups to which they belong is the definition of
a) Nondiscretionary access control (NDAC)
b) Discretionary access control (DAC)
c) Mandatory access control (MAC)
d) Rule-based access control
 
09. The first step in the incident response process of a reported breach is to
a) Research the validity of the alert or event further
b) Notify management of the security breach
c) Inform potentially affected customers of a potential breach
d) Conduct an independent third party evaluation to investigate the reported breach
 
10. When the code is not allowed to access memory at arbitrary locations that are out of range of the memory address space that belongs to the object’s publicly exposed fields, it is referred to as which of the following types of code?
a) Object code
b) Type safe code
c) Obfuscated code
d) Source code

Answers:

Question: 01
Answer: d
Question: 02
Answer: b
Question: 03
Answer: b
Question: 04
Answer: c
Question: 05
Answer: d
Question: 06
Answer: c
Question: 07
Answer: d
Question: 08
Answer: b
Question: 09
Answer: a
Question: 10
Answer: b

Note: If you find any error in these ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification exam sample questions, please let us know by emailing feedback@edusum.com.