Home > CISSP > Quizzes > CISSP Domain 3: Security Architecture and Engineering
CISSP Domain 3: Security Architecture and Engineering
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 45% Most missed: “Tim is a security administrator that manages expired encryption keys. Where will…”

Domain 3 Security Architecture and Engineering Practice Questions
Questions from the following topics are included in this domain:
Research and manage secure design principles
Understand fundamental security models
Select and determine cryptographic solutions
Understand cryptanalytic attacks
Apply security principles to the facility
Design facility security controls

CISSP Domain 3: Security Architecture and Engineering
Time left 00:00
25 Questions

1. Several computers are running very slowly on the network. An investigation shows that the problem is malware. The malware is removed, and all systems have returned to normal operations. What is the next step in the incident management process?
2. Su-Wei, the chief security officer, seeks ideas to protect her facilities from cars accidentally running into them. Which of the following is the BEST for her to choose?
3. Attila, a systems administrator, enables a technique to strengthen passwords, making them harder to crack. Which feature does he engage?
4. Royal, a security manager, considers what would be the best setup for biometric controls. Which is he likely NOT to choose?
5. Of the following encryption methods, which system is the MOST DIFFICULT to crack?
6. Mohamed emails Danielle a wedding proposal, and Danielle responds with 'yes, I want to marry you.' Later that day they meet, and Mohamed denies ever sending the email. How can Danielle prove that Mohamed sent the email?
7. Jiri has confidential-level access to documents on the system. When he attempts to access files with secret access, he is denied. Which model does this BEST represent?
8. Joao is a security engineer that just successfully completed the certification process for firewalls he has reviewed. What step should he take next?
9. What advantages do demilitarized zones provide?
10. Which security model is also known as the Chinese Wall and monitors conflicts of interests?
11. River is a data custodian planning the backup and recovery strategy for laboratory systems. Which of the following will he consider the LEAST from a security perspective?
12. Federico, a security administrator, is designing the message system for six users in his environment. What makes him decide to use symmetric key cryptography over asymmetric?
13. Public key certificates are defined by the X.509 standard format. Which of the following is NOT part of the standard?
14. The control that enforces policy over a subject's (user or process) ability to interact with objects (files or systems) is known as the what?
15. Patricia is a security manager investigating the best models to use for their next automated teller machine (ATM) design. Which of the following would be her BEST choice?
16. Jessica is a security auditor that receives her email online from a cloud provider and uses social media to communicate with her supervisor. Which cloud model is she MOST LIKELY using?
17. Which of the following asymmetric algorithms encrypts and decrypts files based on calculating logarithms?
18. Nicole, a systems administrator and data custodian, seeks the best option to store backup tapes. Which of the following does she choose?
19. Heather, a systems technician, is examining two systems. SystemA has four CPUs and SystemB has one CPU with four cores. Which one has the MOST CPUs?
20. A firewall self-detects that it is faulty. Based on the programming, the device 'decides' to shut down, and allow no traffic. This is an example of which type of failure mode?
21. Arantxa, a systems administrator, seeks to start the computer management console on her Windows 10 system. Which command does she use?
22. Which of the following are true about a public key infrastructure's digital certificate?
23. Gosia, a software developer, is creating a driving simulator. To make her job easier, she acquires a library of cars and trucks recommended to her by a newsgroup. A week later, an overseas hacker is detected on her computer. What MOST LIKELY happened?
24. Computers add multiple CPUs to improve performance. These systems are called what?
25. Chantel is a network engineer assigned the task of installing wireless networks in the most secure way possible. Which of the following does she AVOID?