Security Architecture and Engineering

Get familiar with security architecture

This domain covers the design and implementation of secure architectures, including the selection of appropriate security controls and the use of encryption and other cryptographic methods.

5 minutes 5 Questions

Concepts covered: Secure System Design Principles, Computer and Network Security, Physical Security, Identity and Access Management, Cryptography, Cloud Security, Embedded Systems Security, Secure Development Lifecycle, System Resiliency, Security Architectures, Security Testing and Evaluation, Security Models and Frameworks

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

CISSP - Security Architecture and Engineering Example Questions

Test your knowledge of Amazon Simple Storage Service (S3)

Question 1

What is the difference between vulnerability and threat?

A vulnerability is a weakness, while a threat is a potential danger exploiting that weakness. A vulnerability is an attack, while a threat is a potential danger to a system. A vulnerability is a potential danger, while a threat is a weakness in a system. A vulnerability is a strength in a system, while a threat is a potential danger exploiting that strength.

Correct Answer: A vulnerability is a weakness, while a threat is a potential danger exploiting that weakness.

A vulnerability is a weakness in a system that could be exploited by a potential attacker. A threat is a potential danger exploiting that weakness. In other words, a vulnerability is a flaw in a system's security, while a threat is the potential for that flaw to be exploited.

Question 2

What is the purpose of a Least Privilege Access policy?

To allow unrestricted access to sensitive information To provide maximum access to all resources to all employees To limit access to only the resources necessary for an employee to perform their job To enforce strict password policies for all employees

Correct Answer: To limit access to only the resources necessary for an employee to perform their job

The purpose of a Least Privilege Access policy is to limit access to only the resources necessary for an employee to perform their job, which reduces the risk of unauthorized access and potential data breaches.

Question 3

What is the purpose of a continuity of operations plan (COOP)?

To mitigate vulnerabilities in a system To ensure compliance with government regulations To ensure critical business operations can continue in the event of a disaster To detect cyber threats in real-time

Correct Answer: To ensure critical business operations can continue in the event of a disaster

A continuity of operations plan (COOP) is designed to ensure critical business operations can continue in the event of a disaster. This allows organizations to continue serving customers and minimize financial losses during a crisis.

Go Premium

CISSP Preparation Package (2024)

4537 Superior-grade CISSP practice questions.
Accelerated Mastery: Deep dive into critical topics to fast-track your mastery.
Unlock Effortless CISSP preparation: 5 full exams.
100% Satisfaction Guaranteed: Full refund with no questions if unsatisfied.
Bonus: If you upgrade now you get upgraded access to all courses
Risk-Free Decision: Start with a 7-day free trial - get premium features at no cost!

Start Your Free 7-Day Trial

More Security Architecture and Engineering questions

152 questions (total)

Start 100 question test