ISC2 CSSLP Certification Sample Questions

CSSLP Dumps, CSSLP Dumps, CSSLP PDF, CSSLP VCE, ISC2 CSSLP VCE, ISC2 CSSLP PDFThe purpose of this Sample Question Set is to provide you with information about the ISC2 Secure Software Lifecycle Professional exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the CSSLP certification test. To get familiar with real exam environment, we suggest you try our Sample ISC2 CSSLP Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification exam.

These sample questions are simple and basic questions that represent likeness to the real ISC2 CSSLP exam questions. To assess your readiness and performance with real time scenario based questions, we suggest you prepare with our Premium ISC2 CSSLP Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.

ISC2 CSSLP Sample Questions:

01. The ability of an application to restore itself to expected functionality after the security protection is breached or bypassed is called:
a) Resilience
b) Recoverability
c) Reliability
d) Restoration
02. Which of the following is measured in dollars?
a) Exposure factor
b) SLE
c) ARO
d) Impact factor
03. Verifying that code can perform in a particular manner under production conditions is a task managed by:
a) Static code analysis
b) Dynamic code analysis
c) Production testing
d) Code walkthroughs
04. Which of the following is not a mitigation method for threats identified in threat modeling?
a) Redesign to eliminate vulnerability.
b) Apply a standard mitigation.
c) Change the security requirements to eliminate the threat.
d) Accept the vulnerability.
05. Data classification is performed at which stage of the lifecycle model?
a) Data retention
b) Disposal
c) Generation
d) Data reduction
06. An international standard for establishing quality in software products is:
a) ISO 9000
b) ISO 27001
c) ISO 21827
d) ISO 9216
07. An operational measure of what constitutes the minimum level of quality with respect to security in code is a description of:
a) ISO 9216 process element
b) OSSTMM report
c) Bug bar
d) SDL process requirement
08. A common language to describe and exchange information about the causes of software vulnerabilities is:
a) CVS
b) CVE
09. The operations and management processes are lumped together into sustainment because:
a) They are at the end of the lifecycle.
b) They are the major activities during the software use lifecycle period.
c) They are neither development nor acquisition.
d) They are strictly control processes for sustaining assurance.
10. The repository where the current baseline is preserved is called the:
a) Controlled repository
b) Dynamic repositary
c) Archive repository
d) Master repository


Question: 01
Answer: b
Question: 02
Answer: b
Question: 03
Answer: b
Question: 04
Answer: c
Question: 05
Answer: c
Question: 06
Answer: d
Question: 07
Answer: c
Question: 08
Answer: b
Question: 09
Answer: b
Question: 10
Answer: a

Note: For any error in ISC2 Certified Secure Software Lifecycle Professional (CSSLP) certification exam sample questions, please update us by writing an email on

Rating: 4.8 / 5 (117 votes)