Exam Questions

1:What does granting users access to objects under the principle of least privilege imply?

  1. Full control

  2. Minimal necessary access

  3. No access

  4. Role-based access

A1: B. The principle of least privilege implies users are granted minimal necessary access to perform their work tasks.
2:Which access control technique uses subject classification to determine access?

  1. Discretionary access control

  2. Access control lists

  3. Mandatory access control

  4. Rule-based access control

A2: C. Mandatory access control must have subject classification to control access. Discretionary, ACLs, and rule-based all employ object-specific controls.
3:Which type of attack is a spoofing attack?

  1. Monitoring attack

  2. Spamming attack

  3. Active attack

  4. Passive attack

A3: C. Spoofing is an active ...

Get CISSP Training Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial