(ISC)2(ISC)2
CSSLP · Question #358
CSSLP Question #358: Real Exam Question with Answer & Explanation
Sign in or unlock CSSLP to reveal the answer and full explanation for question #358. The question stem and answer options stay visible for context.
Secure Software Requirements
Question
When preparing misuse and abuse cases for a software product what activities are generally performed to anticipate how it might be exploited?
Options
- ARunning vulnerability aggregation and findings analysis with Google Cloud Security Command
- BReviewing the application functional requirements and user stories for gaps
- CEnumerating likely attacker tactics and specific exploitation scenarios against the application
- DMapping data sensitivity classifications to storage and processing categories
Unlock CSSLP to see the answer
You've previewed enough free CSSLP questions. Unlock CSSLP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Misuse cases#Abuse cases#Threat modeling#Exploitation scenarios