ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your team is documenting compliance-driven security requirements for a new online brokerage platform that must satisfy both Sarbanes-Oxley and Gramm-Leach-Bliley regulatory obligations. Which of the following requirements is MOST clearly mandated by GLBA rather than SOX?

  • The application shall retain detailed transaction audit logs for at least seven years to support financial statement auditing.

  • Code promotions to production must require separate approval from an independent control owner to prevent unauthorized changes to financial data.

  • Senior management must quarterly certify the effectiveness of internal controls over financial reporting captured within the system.

  • All nonpublic customer personal information must be encrypted in transit and at rest using industry-accepted algorithms.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Requirements