Crucial Exams

ISC2 CISSP Practice Question

Your DevSecOps team has developed a new API gateway module that enforces mutual TLS and stricter rate-limiting. The team wants to validate the control with real production traffic while ensuring that any unexpected failures affect the smallest possible user group and can be reversed immediately. Which release strategy BEST meets this security objective?

  • Keep the code in a dedicated branch until the next quarterly maintenance window, then deploy to all users at once.

  • Enable the module with a feature flag targeting an initial 5 % of users and expand coverage as monitoring remains healthy.

  • Perform a blue-green deployment and shift 100 % of traffic to the new environment once synthetic tests pass.

  • Wrap the module in a circuit breaker that shuts down the entire gateway service if error thresholds are exceeded.

ISC2 CISSP
Software Development Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot