Top 5 CISSP exam questions and their answers

According to a survey by PayScale.com, the average salary of people who hold a CISSP certification ranges from $85 thousand to $102 thousand per year, depending on their job profiles. A CISSP certification is perfect for aspirants trying to break into the IT industry and make it big. If you are looking to complete your CISSP certification training and pass with flying colors, the following exam questions will help you prepare in the best possible way:

Question 1. In discretionary access environments, which of the following entities is authorized to grant information access to other people?

A. Manager

B. Group Leader

C. Security Manager

D. Data Owner

The correct answer is D. The explanation is as follows:

In Discretionary Access Control (DAC) environments, the user who creates a file is the owner of that file. The owner has total control over the file, including the ability to set permissions for it.

Question 2. Which access control model is best suited in an environment where a high security level is required and where it is desired that only the administrator grants access control?

A. DAC 

B. MAC 

C. Access control matrix 

D. TACACS 

The correct answer is B. The explanation is as follows:

MAC provides high security by regulating access based on the clearance of individual users and sensitivity labels for each object. Clearance levels and sensitivity levels cannot be modified by individual users; for example, user Joe (SECRET clearance) cannot reclassify the "Presidential Doughnut Recipe" from "SECRET" to "CONFIDENTIAL" so that his friend Jane (CONFIDENTIAL clearance) can read it. The administrator is ultimately responsible for configuring this protection in accordance with security policy and directives from the Data Owner. 

The other answers may seem relevant to some test takers and may confuse them. Below is the explanation for the incorrect answers:

a) DAC is incorrect because in DAC, the data owner is responsible for controlling access to the object.

b) Access control matrix is incorrect because the access control matrix is a way of thinking about the access control needed by a population of subjects to a population of objects. This access control can be applied using rules, ACLs, capability tables, etc.

c) TACACS is incorrect because TACACS is a tool for performing user authentication.

Question 3. Which of the following is NOT a way to secure a wireless network?

A. Disable broadcast of SSID within AP's configuration

B. Give AP's descriptive names 

C. Put the access points (AP) in a location protected by a firewall 

D. Change AP's default values 

The correct answer is B. The explanation is as follows:

The SSID of the AP has very little value when it comes to security. In fact, using descriptive names such as your company name would make you a more likely target in some cases.

The SSID is sent in clear text within the packets. It is not in any way, shape or form a security mechanism.

Question 4. Which of the following is a drawback of fiber optic cables?

A. It is affected by electromagnetic interference (EMI).

B. It can easily be tapped.

C. The expertise needed to install it.

D. The limited distance at high speeds.

The correct answer is C. The explanation is as follows:

Fiber optic is immune to the effects of electromagnetic interference. It is very hard to tap into and has a much longer effective usable length than any other cable type. The primary drawbacks of this cable type are its cost of installation and the high level of expertise needed to have it properly terminated.

Question 5. Which OSI/ISO layer defines how to address the physical devices on the network?

A. Data Link layer 

B. Session layer 

C. Application layer 

D. Transport layer 

The correct answer is A. The explanation is as follows:

The data link layer (layer 2) is the second layer of the seven-layer OSI model of computer networking. It defines how to address the physical locations and/or devices that are present on the network.

Questions like the ones above, and many more, will appear on a CISSP certification test to assess your knowledge. You need to prepare yourself by studying hard and seeking the right guidance. QuickStart, with its nearly three decades of experience in the field of IT and technical training, can provide you with the right guidance and offer you the perfect platform to launch your career.

About The Author
Dennis Tello
Enterprise Account Manager at QuickStart

Dennis is a passionate individual with eight years of experience in the industry. He loves working with organizations large and small, helping them train their technology teams. He specializes in DevOps training and has helped a number of organizations turn their IT teams into game-changers.