ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
A project following a secure software lifecycle wants to add an activity late in the release cycle that demonstrates the application satisfies stakeholder security requirements and can safely operate in its intended environment. Which activity best embodies the validation role rather than verification?
Running automated unit tests that exercise input-validation functions during each build
Executing security-focused acceptance testing with representative users in a staging environment that mirrors production
Performing static application security testing (SAST) on source code before compilation
Conducting peer reviews of the authentication module's source code against the secure coding standard
Validation answers the question "Are we building the right product?" by showing that the implemented system fulfills stakeholder needs in its operational context. Security-focused acceptance testing with representative users exercises the running application in an environment that mirrors production to confirm it meets agreed-upon security requirements. Static code analysis, peer code reviews, and unit tests are verification techniques; they evaluate artifacts against specifications to ensure the product is being built correctly but do not prove it will satisfy stakeholders once deployed.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between validation and verification in secure software development?
Open an interactive chat with Bash
Why is acceptance testing performed in an environment similar to production?
Open an interactive chat with Bash
What is security-focused acceptance testing, and how does it work?
Open an interactive chat with Bash
What is meant by validation in the secure software lifecycle?
Open an interactive chat with Bash
How does validation differ from verification in secure software development?
Open an interactive chat with Bash
What is security-focused acceptance testing, and why is it important?
Open an interactive chat with Bash
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Lifecycle Management
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .