Security Architecture Review

5 minutes 5 Questions

Security Architecture Review (SAR) is a systematic approach to evaluating the design and implementation of an organization's information security controls and processes. This methodology aims to identify potential vulnerabilities in the security infrastructure and provides recommendations for impro…

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

During a security architecture review for an e-commerce company, you notice that their network is not properly segmented. Which solution should be implemented to improve security?

Implement a DMZ to separate public-facing servers from internal networks Remove the firewall and replace it with a proxy server Place all the servers in the same subnet Install only antivirus software on all servers

Correct Answer: Implement a DMZ to separate public-facing servers from internal networks

A DMZ (Demilitarized Zone) provides an additional layer of security by separating public-facing servers from internal networks. Other options either reduce the security, make no changes to segmentation, or limit business functionality.

Question 2

You are conducting a security architecture review for a company that stores sensitive employee data. Which encryption technique should be used to protect the data?

Unencrypted data transfer Low-level cryptographic algorithms Symmetric encryption with proper key management Asymmetric encryption without proper key management

Correct Answer: Symmetric encryption with proper key management

Symmetric encryption with proper key management ensures efficient and secure encryption of sensitive data. Other options either provide insufficient security, are inefficient, or rely on user-generated passwords which can be easily guessed or forgotten.

Question 3

During a security architecture review for an organization handling classified information, you discover that employees frequently share their passwords. As a solution, you want to implement multi-factor authentication. What combination of factors is recommended?

Something you know, something you have, and something you are Only something you know Only something you are Only something you have

Correct Answer: Something you know, something you have, and something you are

The most secure multi-factor authentication method involves the use of three factors: something you know (e.g., password), something you have (e.g., token), and something you are (e.g., fingerprint). Other options provide fewer factors and consequently lower security.

🎓 Unlock Premium Access

CISSP + ALL Certifications

More Security Architecture Review questions

12 questions (total)

Start 12 question test

Security Architecture Review

Guide to Security Architecture Review

CISSP - Security Architecture Review Example Questions

Question 1

Question 2

Question 3

🎓 Unlock Premium Access