Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

To validate security controls in a payment microservice before go-live, you must create simulation-based test cases that closely mirror production traffic patterns without exposing customer cardholder data. Which approach BEST satisfies this requirement?

  • Rely solely on unit tests that mock the payment gateway's external dependencies within the development IDE.

  • Generate synthetic payment requests that follow production traffic patterns and tokenize all cardholder data before they enter the test environment.

  • Enable verbose logging in production for one day, then copy the resulting log files into the test environment for analysis.

  • Replay sanitized production web-server logs against the microservice in a flat, non-segmented test network.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Testing
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot