Secure Software Lifecycle Professional – CSSLP – Question244

Which of the following are the basic characteristics of declarative security? Each correct answer represents a complete solution. Choose all that apply.

A.
It is a container-managed security.
B. It has a runtime environment.
C. All security constraints are stated in the configuration files.
D. The security policies are applied at the deployment time.

Correct Answer: ABC

Explanation:

Explanation: The following are the basic characteristics of declarative security: In declarative security, programming is not required. All security constraints are stated in the configuration files. It is a container-managed security. The application server manages the enforcing process of security constraints. It has a runtime environment. The security policies for runtime environment are represented by the deployment descriptor. It can support different environments, such as development, testing, and production. Answer: D is incorrect. It is the characteristic of programmatic security.