Download Certified Secure Software Lifecycle Professional.Testking.CSSLP.2018-10-06.1e.217q.vcex

File Info

Exam Certified Secure Software Lifecycle Professional
Number CSSLP
File Name Certified Secure Software Lifecycle Professional.Testking.CSSLP.2018-10-06.1e.217q.vcex
Size 668 Kb
Posted October 06, 2018
Downloads 3

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


Demo Questions

Question 1
Which of the following process areas does the SSE-CMM define in the 'Project and Organizational Practices' category? Each correct answer represents a complete solution. Choose all that apply.

  • A: Provide Ongoing Skills and Knowledge
  • B: Verify and Validate Security
  • C: Manage Project Risk
  • D: Improve Organization's System Engineering Process

Question 2
The LeGrand Vulnerability-Oriented Risk Management method is based on vulnerability analysis and consists of four principal steps. Which of the following processes does the risk assessment step include? Each correct answer represents a part of the solution. Choose all that apply.

  • A: Remediation of a particular vulnerability
  • B: Cost-benefit examination of countermeasures
  • C: Identification of vulnerabilities
  • D: Assessment of attacks

Question 3
You work as a Security Manager for Tech Perfect Inc. You have set up a SIEM server for the following purposes: analyze the data from different log sources; correlate the events among the log entries; identify and prioritize significant events; and initiate responses to events if required. One of your log monitoring staff wants to know the features of a SIEM product that will help them in these purposes. What features will you recommend? Each correct answer represents a complete solution. Choose all that apply.

  • A: Asset information storage and correlation
  • B: Transmission confidentiality protection
  • C: Incident tracking and reporting
  • D: Security knowledge base
  • E: Graphical user interface

Question 4
Which of the following security design patterns provides an alternative by requiring that a user's authentication credentials be verified by the database before providing access to that user's data?

  • A: Secure assertion
  • B: Authenticated session
  • C: Password propagation
  • D: Account lockout

Question 5
Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?

  • A: RTO
  • B: RTA
  • C: RPO
  • D: RCO

Question 6
Which of the following processes culminates in an agreement between key players that a system in its current configuration and operation provides adequate protection controls?  

  • A: Information Assurance (IA)
  • B: Information systems security engineering (ISSE)
  • C: Certification and accreditation (C&A)
  • D: Risk Management

Question 7
Adam works as a Computer Hacking Forensic Investigator for a garment company in the United States. A project has been assigned to him to investigate a case of a disloyal employee who is suspected of stealing the design of the garments, which belongs to the company, and selling garments of the same design under a different brand name. Adam found that the company does not have any policy related to copying the design of the garments. He also found that the trademark under which the employee is selling the garments is almost identical to the original trademark of the company. On the grounds of which of the following laws can the employee be prosecuted?

  • A: Espionage law
  • B: Trademark law
  • C: Cyber law
  • D: Copyright law

Question 8
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of In order to do so, he performs the following steps of the pre-attack phase successfully: information gathering; determination of network range; identification of active systems; location of open ports and applications. Now, which of the following tasks should he perform next?

  • A: Perform OS fingerprinting on the We-are-secure network.
  • B: Map the network of We-are-secure Inc.
  • C: Install a backdoor to log in remotely on the We-are-secure server.
  • D: Fingerprint the services running on the We-are-secure network.

Question 9
Which of the following DITSCAP C&A phases takes place between the signing of the initial version of the SSAA and the formal accreditation of the system?

  • A: Phase 4
  • B: Phase 3
  • C: Phase 1
  • D: Phase 2

Question 10
In which of the following testing methodologies do assessors use all available documentation and work under no constraints, and attempt to circumvent the security features of an information system?  

  • A: Full operational test
  • B: Penetration test
  • C: Paper test 
  • D: Walk-through test


