Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During threat modeling of a SaaS customer-relationship platform, the team identifies the risk that privileged help-desk employees could run ad-hoc SQL queries and download the entire customer database. Which architectural control BEST mitigates this insider threat while still allowing the staff to perform day-to-day support tasks?

  • Decrease all employee password expiration intervals from 90 to 30 days

  • Place a web application firewall in front of the database to filter unusual query patterns

  • Add CAPTCHA challenges before any database search performed by support personnel

  • Assign help-desk staff a role that grants only predefined, read-only queries and requires a separate, higher-privileged role for bulk exports

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Architecture and Design
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot