Free CISSP Practice Test PDF
Download a free CISSP practice test PDF with 30 questions, answers and explanations, then continue with online mock exams.
Free CISSP PDF with 30 questions
Print it, save it, or use it as a quick cram sheet before taking a timed mock exam.
Download PDF
The PDF includes 30 CISSP questions with answers and explanations.
Try CISSP questions now
Q1Which of the following access control models requires security clearance for subjects?
Show answer
✓ Correct answer: Mandatory access control
Mandatory access control (MAC) is an access policy that restricts access to objects based on the security clearance of a subject and the classification of an object.
Q2In an organization where there are frequent personnel changes, non-discretionary access control using Role Based Access Control (RBAC) is useful because:
Show answer
✓ Correct answer: the access controls are based on the individual's role or title within the organization.
With Non-Discretionary Access Control, a central authority determines what subjects can have access to certain objects based on the organizational security policy. The access controls may be based on the individual’s role in the organization (role-based access control) or the subject’s responsibilities and duties (taskbased access control). In an organization where there are frequent personnel changes, non-discretionary access control is useful because the access controls are based on the individual’s role or title within the organization. These access controls do not need to be changed whenever a new person takes over that role.
Q3Which item is not part of a Kerberos authentication implementation?
Show answer
✓ Correct answer: Message authentication code
Message authentication code (MAC) is a cryptographic function and is not a key component of Kerberos. Kerberos is made up of a KDC, a realm of principals (users, services, applications, and devices), an authentication service, tickets, and a ticket granting service.
Q4A central authority determines which files a user can access. <br/><br/>Which of the following best describes this?
Show answer
✓ Correct answer: Nondiscretionary access control model
A nondiscretionary access control model uses a central authority to determine which objects (such as files) that users (and other subjects) can access. In contrast, a discretionary access control model allows users to grant or reject access to any objects they own. An ACL is an example or rule‐based access control model. An access control matrix includes multiple objects, and it lists the subject’s access to each of the objects.
Q5The major disadvantage of many Single Sign-On (SSO) implementations is described in which of the following?
Show answer
✓ Correct answer: Once an individual obtains access to the system through the initial log-on, they have access to all resources within the environment that the account has access to.
Single Sign-On is a distributed Access Control methodology in which a user only has to authenticate once to have access to all major and secondary network domains. <br/><br/>When the individual needs extra resources, they would not be asked to re-authenticate. The security concern this raises is that if a fraudster is able to compromise those credentials, they will also have access to all the resources that the account has access to. Because they are distractors, all of the other responses are wrong.
Q6To computer security software, the three traditional methods of authenticating yourself are something you know, something you have, and something:
Show answer
✓ Correct answer: you are.
Three common factors that can be used for authentication:<br/><br/>- Something a person knows.<br/><br/>- Something a person has.<br/><br/>- Something a person is.
Full CISSP bank + unlimited mocks
Try 30 questions free. Unlock the complete CISSP question bank, every explanation, and unlimited timed mock exams. Practice on any device.
Unlock CISSP →