ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
A QA engineer drafts a misuse test: an unauthenticated user sends repeated POST /checkout requests with a unit price of 0.01 for high-value items; the system must reject, log, and lock the source account after three failures. Which essential misuse-or-abuse test-case trait does this illustrate?
It replays previously recorded legitimate purchase sessions to confirm normal user acceptance criteria.
It captures the attacker's goal and the system's required security response to that hostile action.
It measures the percentage of code branches exercised during unit test execution.
It subjects the API to high transaction volumes to reveal performance degradation under load.
Misuse and abuse test cases differ from ordinary negative tests because they explicitly state the malicious goal of an attacker and describe the system's expected protective response. In the scenario, the test documents how an attacker tries to subvert business logic (buying expensive items for almost nothing) and specifies how the application should detect and block the attempt. The other options describe load testing, code coverage, and functional acceptance testing, none of which capture attacker intent and a defensive action.
Secure Software Testing