Free ISC2 CSSLP Exam Questions

Become ISC2 Certified with updated CSSLP exam questions and correct answers

Page: 1 / 155

Total 774 Questions | Updated On: Aug 21, 2019

Add To Cart

Question 1

The concept of making a system that prevents a subject from denying a previous action with an object is an example of enforcing what?

A : Nonrepudiation

B : Diversity of defense

C : Defense in depth

D : Separation of duties

Answer: A

Question 2

The operations phase of the software lifecycle is characterized by what?

A : It begins when software is released from development.

B : It begins with the development of the program requirements.

C : The response team is the process manager.

D : The development team is the process manager.

Answer: A

Question 3

Which of the following types of attacks occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts?

A : nial-of-service attack

B : ctionary attack

C : n-in-the-middle attack

D : word guessing attack

Answer: C

Question 4

Conformance requirements ensure that the software satisfies what?

A : Internal policies and standards

B : Government regulations

C : Government contracts and standards

D : Project commitments

Answer: A

Question 5

Security Test and Evaluation (ST&E) is a component of risk assessment. It is useful in discovering system vulnerabilities. For what purposes is ST&E used? Each correct answer represents a complete solution. Choose all that apply

A : implement the design of system architecture

B : determine the adequacy of security mechanisms, assurances, and other properties to enforce the security policy

C : assess the degree of consistency between the system documentation and its implementation

D : uncover design, implementation, and operational flaws that may allow the violation of security policy

Answer: B,C,D

Page: 1 / 155

Total 774 Questions | Updated On: Aug 21, 2019

Add To Cart