ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
During architecture planning for a SaaS electronic-health-record platform, the risk assessment ranks security objectives as follows: confidentiality - high, integrity - moderate, availability - low. Budget limitations allow funding only one additional control in the first release. Which control should be given the highest priority to address the stated objectives?
Deploy an active-active dual-site architecture with automatic fail-over for high availability.
Add a global content delivery network (CDN) to improve performance and resiliency.
Encrypt all patient data at rest in the database with AES-256 and dedicated key management.
Implement a centralized SIEM to collect and correlate security events in real time.
Because confidentiality is the foremost requirement for electronic health information, a control that directly protects data from unauthorized disclosure should be implemented first. Encrypting database storage with a strong algorithm and sound key management provides confidentiality even if underlying media or backups are exposed. High-availability load balancing, SIEM aggregation, and a global CDN primarily address availability or monitoring needs; they do not directly mitigate confidentiality risks and therefore are lower priorities given the requirement ranking.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is AES-256 encryption, and why is it suitable for ensuring confidentiality?
Open an interactive chat with Bash
Why is key management critical in encryption, and what constitutes 'dedicated' key management?
Open an interactive chat with Bash
Why was high availability given lower priority in this scenario?
Open an interactive chat with Bash
What is AES-256 encryption and why is it used for confidentiality?
Open an interactive chat with Bash
Why is key management crucial when using encryption like AES-256?
Open an interactive chat with Bash
Why were the other controls (dual-site architecture, SIEM, CDN) deprioritized in this scenario?
Open an interactive chat with Bash
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Architecture and Design
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .