Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

A fintech startup is preparing to deploy a payment-processing microservice that will store primary account numbers (PANs). The product manager proposes postponing the PCI DSS encryption-at-rest requirement to accelerate the release schedule. From an operational risk standpoint, which outcome represents the most immediate consequence of adopting this plan?

  • Transaction latency would rise due to added computational load during encryption operations.

  • Deployment complexity would be reduced, thereby lowering the chance of configuration-related outages without major security trade-offs.

  • The service would be immediately out of compliance with PCI DSS, increasing the likelihood of fines and forced breach disclosure if data is exposed.

  • Liability for any cardholder-data breach would shift to the acquiring bank, leaving the startup with minimal direct consequences.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Deployment, Operations, Maintenance
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot