CSSLP Certification Sample Questions

The purpose of this Sample Question Set is to provide you with information about the ISC2 Secure Software Lifecycle Professional (CSSLP) exam. These sample questions will familiarize you with both the type and the difficulty level of the questions on the CSSLP certification test. To get familiar with the real exam environment, we suggest you try our Sample ISC2 CSSLP Certification Practice Exam. This sample practice exam gives you a feel for the real test and an indication of the questions asked in the actual ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification exam.

These sample questions are simple and basic questions that resemble the real ISC2 Secure Software Lifecycle Professional exam questions. To assess your readiness and performance with real-time scenario-based questions, we suggest you prepare with our Premium ISC2 CSSLP Certification Practice Exam. When you solve real-time scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.

ISC2 CSSLP Sample Questions:

01. Which of the following is a security standard associated with the collection, processing, and storing of credit card data?
a) Gramm-Leach-Bliley
b) PCI DSS
c) HIPAA
d) HITECH
 
02. A security policy that is associated with securing PII is an example of what type of computer security policy?
a) System-specific policy
b) Program policy
c) Organizational policy
d) Issue-specific policy
 
03. Backups are an example of what type of control?
a) Preventive
b) Detective
c) Corrective
d) Operational
 
04. To match the level of protection desired for data, which of the following elements is used?
a) Data classification
b) Impact analysis
c) Data usage
d) Security rules
 
05. An activity designed to clarify requirements through the modeling of expected behaviors of a system is called what?
a) Functional requirement decomposition
b) Requirement traceability matrix
c) Threat modeling
d) Use-case modeling
 
06. The attack surface of your project seems to grow faster than it should. Which of the following is probably not a fruitful place to look?
a) Number of modules/routines in the project
b) Privilege level of the credentials used to run the application
c) Network address space from which the program is addressable
d) Privilege level of users using the application
 
07. Input strings similar to %2e%2e%2f are indicative of what type of attack?
a) Command injection
b) SQL injection
c) Directory traversal
d) Buffer overflow
 
08. Designing a system so that all parties can easily understand the design objectives, and maintaining a simple design, embraces which principle?
a) Single point of failure
b) Least common mechanism
c) Fail safe
d) Open design
 
09. What was described in the chapter as being essential in order to implement discretionary access control?
a) Object owner–defined security access
b) Certificates
c) Labels
d) Security classifications
 
10. Functional testing is used to determine which of the following characteristics?
a) Reliability, bugs, performance, and scalability
b) Resiliency, logic, security, and testability
c) Resiliency, bugs, requirements, and scalability
d) Reliability, logic, performance, and scalability

Answers:

Question: 01
Answer: b
Question: 02
Answer: d
Question: 03
Answer: c
Question: 04
Answer: a
Question: 05
Answer: d
Question: 06
Answer: a
Question: 07
Answer: c
Question: 08
Answer: d
Question: 09
Answer: a
Question: 10
Answer: d

Note: If you find an error in these ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification exam sample questions, please let us know by emailing feedback@edusum.com.
