Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your development team runs an automated unit-test suite during each CI build. The coverage report shows 85 % statement coverage, yet a recent audit found that no tests exercise the branches where authorization checks fail. What change will most directly improve security coverage with minimal build-time impact?

  • Replace the unit-test stage with manual peer code reviews that use a secure-coding checklist.

  • Add negative unit tests that assert access is denied to unauthorized roles and enable branch-coverage metrics for authorization logic.

  • Increase the statement-coverage target to 95 % by adding tests for simple getters and setters.

  • Schedule a full dynamic penetration test to run automatically after every commit to the main branch.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Testing
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot