CSSLP Exam: Absolutely Free Online Practice

Question 1
- Which of the following security architectures defines how to integrate widely disparate applications for a world that is Web-based and uses multiple implementation platforms?
  A : erwood Applied Business Security Architecture
  
  B : terprise architecture
  
  C : rvice-oriented architecture
  
  D : rvice-oriented modeling and architecture
  
  Answer: C
Question 2
- Conformance requirements ensure that the software satisfies what?
  
  A : Internal policies and standards
  
  B : Government regulations
  
  C : Government contracts and standards
  
  D : Project commitments
  
  Answer: A
Question 3
- Software configuration management includes what? (Choose all that apply.)
  
  A : Versioning
  
  B : Change control
  
  C : Check-in and check-out practices
  
  D : Backup
  
  Answer: A,B,C,D
Question 4
- The Flaw Hypothesis Method employs which of the following set of phases?
  
  A : Hypothesize the financial risk involved in early software release compared to missed revenue by not releasing it. Take out insurance in the form of bonds to protect yourself from lawsuits due to failed security. Hire a Chief Security Officer knowledgeable in software risk assessment.
  Hypothesize the financial risk involved in early software release compared to missed revenue by not releasing it. Take out insurance in the form of bonds to protect yourself from lawsuits due to failed security. Hire a Chief Security Officer knowledgeable in software risk assessment.
  
  B : Hypothesize potential flaws based on the software documentation. Confirm the flaws through testing. Generalize about the flaws in order to uncover other similar flaws. Create countermeasures against such flaws.
  
  C : Hypothesize which attack vectors a malware attack might take to penetrate your software product. Confirm the flaw using pen testing software. Fix potential software flaws discovered through pen testing. Educate the programmer on ways not to create the same vulnerability.
  
  D : Run an AI code assessment program on your code to discover flaws. Repair the flaws. Run the AI assessment again to see if new flaws were introduced. Monitor vulnerabilities so they can be repaired in the next release.
  
  Answer: C
Question 5
- Elizabeth is a project manager for her organization and she finds risk management to be very difficult for her to manage. She asks you, a lead project manager, at what stage in the project will risk management become easier. What answer best resolves the difficulty of risk management practices and the effort required?
  A : k management only becomes easier when the project moves into project execution
  
  B : k management only becomes easier when the project is closed
  
  C : k management is an iterative process and never becomes easier
  
  D : k management only becomes easier the more often it is practiced
  
  Answer: D

Free ISC2 CSSLP Exam Questions

Absolute Free CSSLP Exam Practice for Comprehensive Preparation