Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your development team discovered a production buffer-overflow defect in a C++ microservice even though the code compiled successfully. A root-cause analysis shows that the compiler emitted multiple "unsafe function usage" warnings that were not acted on. To prevent similar issues, which build policy change most effectively enforces secure coding practice for handling compiler diagnostics?

  • Suppress low-severity warnings and rely on runtime exception handling to mitigate any residual risks.

  • Permit builds with warnings but require developers to list each ignored warning in a tracking document before release.

  • Shift security review to post-deployment static analysis scans instead of interrupting the compile process for warnings.

  • Configure the build system to fail compilation whenever the compiler emits any warning, requiring developers to resolve all warnings before code can be merged.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Implementation
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot