Top 5 CISSP exam questions and their answers


Top 5 CISSP exam questions and their answers

According to a survey by, the average salary of people who have completed the Certified Information Systems Security Professional (CISSP) certification ranges between $85,000 to $102,000 per year, depending on their job profiles. A CISSP certification is perfect for aspirants trying to break into the IT industry and develop their career. If you are looking to complete your CISSP certification training, the following exam questions will help you prepare:

Question 1. In discretionary access environments, which of the following entities is authorized to grant information access to other people?

A. Manager

B. Group Leader

C. Security Manager

D. Data Owner

The correct answer is D. The explanation is as follows:

In Discretionary Access Control (DAC) environments, the user creating a file is the owner of that file and has total control over the file, including the ability to set permissions for that file.

Question 2. Which access control model is best suited in an environment where a high security level is required and where it is desired that only the administrator grants access control?



C. Access control matrix 


Answer: The correct answer is B. The explanation is as follows:

MAC provides high security by regulating access based on the clearance of individual users and sensitivity labels for each object. Clearance levels and sensitivity levels cannot be modified by individual users; for example, user Joe (SECRET clearance) cannot reclassify the "Presidential Doughnut Recipe" from "SECRET" to "CONFIDENTIAL" so that his friend Jane (CONFIDENTIAL clearance) can read it. The administrator is ultimately responsible for configuring this protection in accordance with security policy and directives from the Data Owner. 

The other answers may seem relevant to some test takers and may confuse them. Below is the explanation for the incorrect answers:

a)      DAC is incorrect because in DAC, the data owner is responsible for controlling access to the object. 

b)      Access control matrix is incorrect because the access control matrix is a way of thinking about the access control needed by a population of subjects to a population of objects. This access control can be applied using rules, ACL's, capability tables, etc. 

c)      TACACS is incorrect because TACACS is a tool for performing user authentication. 

Want to get CISSP certified? Take a look at our CISSP certification exam prep training, and start your 7-day FREE TRIAL with QuickStart.

Question 3. Which of the following is NOT a way to secure a wireless network?

A. Disable broadcast of SSID within AP's configuration 

B. Give AP's descriptive names 

C. Put the access points (AP) in a location protected by a firewall 

D. Change AP's default values 

The correct answer is B. The explanation is as follows:

The SSID of the AP has very little value when it comes to security. In fact, using descriptive names such as your company name would make you a more likely target in some cases. 

The SSID is sent in clear text within the packets. It is not in any way shape or form a security mechanism.

Question 4. Which of the following is a drawback of fiber optic cables?

A. It is affected by electromagnetic interference (EMI).

B. It can easily be tapped.

C. The expertise needed to install it.

D. The limited distance at high speeds.

The correct answer is C. The explanation is as follows:

Fiber optic is immune to the effects of electromagnetic interference. It is very hard to tap into and has a longer effective usable length than any other cable type. The primary drawbacks of this cable type are its cost of installation and the high level of expertise needed to have it properly terminated.

Question 5. Which OSI/ISO layer defines how to address the physical devices on the network?

A. Data Link layer 

B. Session layer 

C. Application layer 

D. Transport layer 

The correct answer is A. The explanation is as follows:

The data link layer (layer 2) is the second layer of the seven-layer OSI model of computer networking. It defines how to address the physical locations and/or devices, which are present on the network.

Questions like the ones above and many more will be there on a CISSP certification test for testing your knowledge. The questions above will help you pass the CISSP exam. You need to prepare yourself by studying hard and seeking the right guidance. QuickStart, with its over three decades of experience in the field of IT and technical training, can provide you the right guidance and offer you the perfect platform to launch your career.

You can also check out our LITE subscription to get access to basic cybersecurity courses absolutely free of charge.

Previous Post Next Post
Hit button to validate captcha