ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During system testing of a new loan-origination platform, developers must supply Social Security numbers so that built-in format validation and check-digit routines execute correctly. Production SSNs are prohibited from leaving the live environment. Which method best meets the functional test requirement while minimizing the risk of exposing sensitive data?

  • Replace each Social Security number with a format-preserving token that maps back to the real value in a secure vault.

  • Apply a one-way SHA-256 hash to every Social Security number before copying the records to test.

  • Store only the last four digits of each Social Security number and pad the rest with zeros.

  • Encrypt the production Social Security number column with a symmetric key shared with the test team.

Secure Software Testing