Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your team is preparing to deliver a new case-management system to a government customer. From the perspective of secure software lifecycle activities, which action best demonstrates validation-that is, evidence that the finished product satisfies documented business requirements before it is released?

  • Running static application security testing (SAST) on the source code to identify coding flaws.

  • Executing user acceptance tests with representative business owners using real-world scenarios and success criteria.

  • Measuring code coverage of automated unit tests during nightly continuous-integration builds.

  • Performing a peer review of the system's threat model to confirm identified threats are complete and accurate.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Lifecycle Management
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot