ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your scrum team adds a security-focused user story about audit logging to the backlog. Which acceptance criterion most effectively ensures the story delivers a verifiable security control rather than a generic development task?

  • All transaction events must be recorded to an append-only, tamper-evident log; automated tests must fail the build if deletion or modification of existing log entries is possible.

  • Select and document a preferred open-source logging framework for future use.

  • Ensure the application generates logs that can be useful for troubleshooting according to team discretion.

  • Developers must insert log statements in every service method before code review begins.

Secure Software Lifecycle Management