ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
Your organization hosts internal source code in a managed Git platform. To assure each change originates from an identified developer and has not been altered in transit, which repository control should you require?
Encrypt the repository storage volumes using AES-256
Enable two-factor authentication for the Git web interface
Run nightly static application security tests on all branches
Enforce signed commits verified against developers' public keys
Requiring cryptographically signed commits means every commit must include a developer's digital signature that the repository verifies against a stored public key. This establishes an auditable chain of custody, confirming the author's identity (provenance) and that the content was not modified after the signature was applied (integrity). Encrypting storage, running static tests, or enabling multi-factor authentication all improve security, but they do not directly prove who authored each change or guarantee the code was unchanged in transit.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How do signed commits work in Git?
Open an interactive chat with Bash
What is the function of a public key in verifying signed commits?
Open an interactive chat with Bash
Why is encrypting repository storage volumes insufficient for proving commit authorship?
Open an interactive chat with Bash
What is a signed commit in Git?
Open an interactive chat with Bash
How does Git use cryptographic keys for signed commits?
Open an interactive chat with Bash
How does enforcing signed commits enhance repository security?
Open an interactive chat with Bash
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Supply Chain
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .