🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional117 / 129
Question 117 of 129
A software security team reports that their automated unit test suite achieves 92% statement coverage on a new payment module. The security assessor reviewing the test strategy notes that several conditional branches containing input-validation logic are never exercised, even though the lines within them are counted as executed. Which action should the assessor recommend to most accurately measure whether the security-relevant logic is being adequately tested?
Reviewed for accuracy · Report an issueNext question