CISSP Free Practice Test

- (Exam Topic 12)
Match the name of access control model with its associated restriction.
Drag each access control model to its appropriate restriction access on the right.

Solution:
Mandatory Access Control – End user cannot set controls
Discretionary Access Control (DAC) – Subject has total control over objects
Role Based Access Control (RBAC) – Dynamically assigns roles permissions to particular duties based on job function
Rule Based access control – Dynamically assigns roles to subjects based on criteria assigned by a custodian.

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

- (Exam Topic 13)
Which of the following is considered a secure coding practice?

1. A. Use concurrent access for shared variables and resources
2. B. Use checksums to verify the integrity of libraries
3. C. Use new code for common tasks
4. D. Use dynamic execution functions to pass user supplied data

Correct Answer: B

- (Exam Topic 14)
What high Availability (HA) option of database allows multiple clients to access multiple database servers simultaneously?

1. A. Non-Structured Query Language (NoSQL) database
2. B. Relational database
3. C. Shadow database
4. D. Replicated database

Correct Answer: C

- (Exam Topic 11)
By carefully aligning the pins in the lock, which of the following defines the opening of a mechanical lock without the proper key?

1. A. Lock pinging
2. B. Lock picking
3. C. Lock bumping
4. D. Lock bricking

Correct Answer: B

- (Exam Topic 13)
What are the steps of a risk assessment?

1. A. identification, analysis, evaluation
2. B. analysis, evaluation, mitigation
3. C. classification, identification, risk management
4. D. identification, evaluation, mitigation

Correct Answer: A
Section: Security Assessment and Testing