Security Architecture Models

Designing secure systems and architectures

Security architecture models involve the design and development of secure systems and architectures. This subtopic covers the selection and application of security models, architectures and security controls, the design and implementation of security solutions, and the evaluation of the security posture of an organization's systems and infrastructure.

5 minutes 5 Questions

Concepts covered: Take-Grant Protection Model, Brewer-Nash Model, Sandhu-Ferraiolo Model, Harrison-Ruzzo-Ullman Model, Graham-Denning Model, Role-Based Access Control Model, Non-Interference Model, Biba Model, Rule-Based Access Control Model, Bell-LaPadula Model, Lattice-Based Access Control Model, Clark-Wilson Model

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

CISSP - Security Architecture Models Example Questions

Test your knowledge of Amazon Simple Storage Service (S3)

Question 1

What is a characteristic of the Defense-in-Depth Security Architecture model?

The focus is on keeping the perimeter secure by implementing strong border controls. A single layer of security is implemented to defend against all types of attacks. Multiple layers of security are implemented to protect against multiple types of attacks and reduce the risk associated with a single point of failure. Only physical controls are used to protect against unauthorized access.

Correct Answer: Multiple layers of security are implemented to protect against multiple types of attacks and reduce the risk associated with a single point of failure.

The Defense-in-Depth Security Architecture model involves implementing multiple layers of security to protect against multiple types of attacks and reduce the risk associated with a single point of failure.

Question 2

What is a Security Information Management system (SIM)?

A system that collects, analyzes and reports on security-related data from a variety of sources A system that monitors user access to network resources A system that performs regular backups of an IT system A system that enforces security policies on all network devices

Correct Answer: A system that collects, analyzes and reports on security-related data from a variety of sources

A Security Information Management system (SIM) is a system that collects, analyzes and reports on security-related data from a variety of sources

Question 3

What is the main difference between the Perimeter-Based Security Architecture model and the Zero Trust Security Architecture model?

Both models rely solely on logical security measures. The Perimeter-Based model is more cost effective than the Zero Trust model. The Zero Trust model relies on a secure perimeter to protect internal resources, while the Perimeter-Based model treats all resources as untrusted. The Perimeter-Based model relies on a secure perimeter to protect internal resources, while the Zero Trust model treats all resources as untrusted.

Correct Answer: The Perimeter-Based model relies on a secure perimeter to protect internal resources, while the Zero Trust model treats all resources as untrusted.

The Perimeter-Based Security Architecture model relies on a secure perimeter to protect internal resources, while the Zero Trust Security Architecture model treats all resources as untrusted.

Go Premium

CISSP Preparation Package (2024)

4537 Superior-grade CISSP practice questions.
Accelerated Mastery: Deep dive into critical topics to fast-track your mastery.
Unlock Effortless CISSP preparation: 5 full exams.
100% Satisfaction Guaranteed: Full refund with no questions if unsatisfied.
Bonus: If you upgrade now you get upgraded access to all courses
Risk-Free Decision: Start with a 7-day free trial - get premium features at no cost!

Start Your Free 7-Day Trial

More Security Architecture Models questions

145 questions (total)

Start 100 question test