ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During deployment of a background service on a Linux production server, the installer suggests running it as root even though the program only needs to read /etc/app.conf and write logs under /var/log/app/. To uphold least-privilege principles, which action should the deployment team take?

  • Reuse the existing database administrator account because it already has access to system directories and reduces account sprawl.

  • Execute the binary with the setuid root bit so it can open any required files regardless of their ownership.

  • Create a dedicated service account with no shell access and grant it read rights to the configuration file and write rights only to the application's log directory.

  • Run the service as root but restrict its network access with a host-based firewall rule.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Deployment, Operations, Maintenance