Practice CISSP Security Architecture and Engineering questions with full explanations on every answer.
1. A security architect is designing a system for a military intelligence agency where data classification labels (Top Secret, Secret, Confidential, Unclassified) are mandatory. Users are cleared to a specific level and must not read data above their clearance. Which security model enforces this type of access control?
2. A financial application requires strict integrity controls to prevent unauthorized modifications. The security team implements a model where users cannot write data to higher integrity levels (no write up) and cannot read data from lower integrity levels (no read down). Which model is being applied?
3. Which access control model allows data owners to grant or revoke access to resources they own, typically implemented using ACLs?
4. A security architect is selecting a cryptographic algorithm for encrypting data at rest in a backup system. The system requires strong security with a block cipher, and the organization mandates using a NIST-approved algorithm with key sizes of 128, 192, or 256 bits. Which algorithm should be selected?
5. An organization is implementing a PKI for internal use. To ensure that certificate revocation status is checked in real-time without relying on periodic CRL downloads, which mechanism should be used?
6. A security engineer is analyzing a vulnerability where an attacker can cause a buffer overflow on the stack. Which mitigation technique randomizes memory addresses to make it harder for the attacker to predict the location of shellcode or return addresses?
7. Which of the following is a primary function of a Trusted Platform Module (TPM)?
8. A security architect is evaluating hypervisor security for a multi-tenant cloud environment. Which type of hypervisor is considered more secure because it runs directly on the hardware without a host operating system, reducing the attack surface?
9. Which physical security design principle emphasizes that the physical environment should be designed to discourage criminal activity by using natural surveillance, access control, and territorial reinforcement?
10. A security analyst discovers that an application allows a user to read a file they just wrote before the file's integrity is verified, due to a gap between the time of check and time of use. This is an example of which vulnerability?
11. A security architect is designing a system that must prevent conflicts of interest when a consultant works for two competing clients. Which security model ensures that the consultant cannot access data from one client if they have already accessed data from the other?
12. Which component of a trusted computing base (TCB) implements the reference monitor concept by enforcing access control decisions for all subjects and objects in the system?
13. A security architect is evaluating access control models for a healthcare system where users have specific roles (e.g., doctor, nurse, admin) and permissions are assigned based on those roles. However, the architect also wants to incorporate attributes such as time of day, patient consent status, and device type. Which TWO models should be combined to meet these requirements?
14. A security engineer is investigating a covert channel in a system. Which TWO types of covert channels could be used to leak information from a high-security to a low-security process?
15. An organization is implementing a defense-in-depth strategy for a data center. Which THREE of the following are examples of physical security controls that align with layered defense?
16. A government agency requires a security model that prevents users from reading documents at a higher classification level and from writing to documents at a lower classification level. Which model enforces these constraints?
17. An organization implements a security model where users can only read objects at or below their security clearance, and can only write to objects at or above their clearance. This model primarily ensures:
18. A financial institution must ensure that transactions are well-formed and enforce separation of duties to prevent fraud. Which security model best addresses these requirements?
19. Which access control model allows the owner of a resource to grant or deny access to other users?
20. An organization uses a system where access decisions are based on user attributes (e.g., job title, clearance), resource attributes (e.g., classification), and environmental factors (e.g., time of day). This is an example of:
21. A security team is investigating a vulnerability where an attacker can intercept and modify data as it moves between processes within a CPU's secure enclave. Which technology is designed to protect against such attacks by creating a trusted execution environment?
22. Which cryptographic algorithm is a symmetric block cipher widely used for encrypting sensitive data, with key sizes of 128, 192, or 256 bits?
23. A security architect is deploying a public key infrastructure (PKI) and wants to ensure that certificate revocation status is verified efficiently without relying on a centralized CRL distribution point. Which technique should be used?
24. An organization deploys a hypervisor to host multiple virtual machines. To mitigate the risk of VM escape attacks, which of the following is the most effective security measure?
25. A software developer is concerned about buffer overflow vulnerabilities. Which combination of mitigations makes it most difficult for an attacker to exploit a stack-based buffer overflow?
26. Which type of covert channel uses the timing of events or operations to transmit information?
27. A security architect is designing a physical security system for a data center. Which of the following is an example of a layered physical control at the perimeter?
28. A security analyst is evaluating access control models for a healthcare organization that needs to enforce both confidentiality and integrity. Which TWO models should be considered? Select two.
29. A company is designing a secure application that requires hardware-based key storage and remote attestation. Which THREE technologies provide hardware root of trust? Select three.
30. A security engineer is hardening a system against side-channel attacks that exploit variations in execution time or power consumption. Which TWO mitigations are specifically designed to counter such attacks? Select two.
31. A government agency requires a security model that prevents users from reading documents classified above their clearance level and from writing classified information to lower-level systems. Which model enforces these constraints?
32. An organization requires a commercial integrity model where users cannot modify data in higher integrity levels and cannot read data from lower integrity levels. Which model should they implement?
33. Which access control model allows the data owner to determine who can access their resources, typically using Access Control Lists (ACLs)?
34. A security architect is implementing a system that must prevent conflicts of interest for a consulting firm serving competing clients. Which security model is best suited for this requirement?
35. A company is deploying a hypervisor to run multiple virtual servers. To minimize the risk of VM escape attacks, which type of hypervisor should they choose and what hardening measure is most effective?
36. An organization wants to implement a security mechanism that ensures all accesses are mediated and cannot be bypassed, is tamperproof, and is small enough to be verified. This describes which concept?
37. Which cryptographic algorithm is an example of a symmetric stream cipher?
38. A security analyst is investigating a potential data leak via covert channels. Which of the following is an example of a timing covert channel?
39. A software vulnerability allows an attacker to overwrite a return address on the stack to execute arbitrary code. What mitigation technique randomizes the memory layout to prevent the attacker from predicting target addresses?
40. A company wants to ensure that only authorized software can run on its laptops. They decide to use a hardware component that validates the boot process by measuring each component before it loads. Which technology is being used?
41. Which physical security concept uses natural surveillance, territorial reinforcement, and access control to deter crime in built environments?
42. In a PKI hierarchy, a relying party needs to verify a certificate's validity. To reduce latency and improve privacy, which mechanism allows the relying party to obtain the revocation status without contacting the CA directly for each verification?
43. A security architect is designing a system to protect against side-channel attacks that exploit electromagnetic emanations. Which TWO controls are most effective?
44. A security engineer is hardening a web application against race condition vulnerabilities. Which TWO techniques are effective mitigations?
45. A financial institution is implementing a Clark-Wilson integrity model. Which THREE components are essential to this model?
46. A security architect is designing a system for a government agency that requires strict confidentiality controls. Data must be classified at multiple levels (e.g., Top Secret, Secret, Confidential). Users at a lower classification should not be able to read data at a higher classification, and users at a higher classification should not be able to write data to a lower classification. Which security model enforces these rules?
47. A company is implementing an access control system where permissions are granted based on attributes such as user role, department, time of day, and device trust score. This approach allows for fine-grained policies that can adapt to context. Which access control model is being used?
48. A security engineer is evaluating a system that uses a Trusted Platform Module (TPM) for secure boot. The TPM measures the boot components and stores the measurements in Platform Configuration Registers (PCRs). Which of the following is a primary security goal achieved by this process?
49. An organization is implementing a Public Key Infrastructure (PKI) to support secure email and web communications. The PKI includes a root CA, intermediate CAs, and end-entity certificates. Which of the following best describes the role of the root CA in this hierarchy?
50. During a security audit, a vulnerability scanner reports a buffer overflow vulnerability in a legacy application. The application runs on a system with Data Execution Prevention (DEP/NX) enabled and Address Space Layout Randomization (ASLR) active. Which of the following is the most likely impact of these mitigations on a typical stack-based buffer overflow exploit?
51. A security architect is designing a physical security perimeter for a data center. Which of the following is an example of a Crime Prevention Through Environmental Design (CPTED) principle?
52. An organization is evaluating a Time-of-Check to Time-of-Use (TOCTOU) vulnerability in a file access routine. The routine checks if a user has permission to open a file, then later opens the file. Which of the following best describes the potential exploitation?
53. A security analyst is investigating a potential covert timing channel in a system. Which of the following characteristics best describes this type of channel?
54. A cloud service provider uses a Type 1 hypervisor to host multiple virtual machines (VMs) for different customers. Which of the following is a primary security concern specific to this architecture?
55. A security architect is designing a system that must ensure integrity of commercial transactions. Which of the following models are specifically focused on integrity? (Choose TWO)
56. A security engineer is hardening a system against buffer overflow attacks. Which of the following are effective mitigations? (Choose THREE)
57. A company is implementing a PKI to support secure web browsing. Which of the following are commonly used to enhance the security of certificate validation? (Choose TWO)
58. Which of the following are characteristics of a Trusted Execution Environment (TEE)? (Choose TWO)
59. A security architect is evaluating physical security controls for a facility handling sensitive data. Which of the following are examples of layered physical security controls? (Choose THREE)
60. In the context of the Clark-Wilson integrity model, which of the following are key elements? (Choose TWO)
The Security Architecture and Engineering domain covers the key concepts tested in this area of the CISSP exam blueprint published by ISC2. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all CISSP domains — no account required.
The Courseiva CISSP question bank contains 60 questions in the Security Architecture and Engineering domain. Click any question to see the full explanation and answer breakdown.
Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.
Yes — the session launcher on this page draws questions exclusively from the Security Architecture and Engineering domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.