ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During abuse case analysis for a social media web app that lets members upload profile images, the analyst records the scenario "attacker uploads a 2-GB file to consume backend storage and impact availability." Which security requirement most directly mitigates this specific misuse case?

  • The application shall submit every uploaded file to an anti-malware engine before making it available to users.

  • The application shall embed a visible watermark on every uploaded image before storing it.

  • The application shall compute a SHA-256 hash of each uploaded file and log it for integrity verification.

  • The application shall enforce a maximum upload size of 5 MB and reject any larger files.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Requirements