CCNA Cissp Security Arch Questions

60 questions · Cissp Security Arch topic · All types, answers revealed

1
MCQmedium

A security architect is deploying a public key infrastructure (PKI) and wants to ensure that certificate revocation status is verified efficiently without relying on a centralized CRL distribution point. Which technique should be used?

A.Certificate Transparency Logs
B.OCSP Stapling
C.Certificate Pinning
D.Self-Signed Certificates
AnswerB

The server periodically fetches a CA-signed OCSP response for its own certificate and staples it to the certificate in the TLS handshake, so the client gets fresh revocation status without a separate lookup.

Why this answer

OCSP stapling allows a TLS server to present a signed OCSP response from the CA, reducing load on the CA and providing timely revocation status.

2
MCQeasy

A company is implementing an access control system where permissions are granted based on attributes such as user role, department, time of day, and device trust score. This approach allows for fine-grained policies that can adapt to context. Which access control model is being used?

A.MAC (Mandatory Access Control)
B.ABAC (Attribute-Based Access Control)
C.DAC (Discretionary Access Control)
D.RBAC (Role-Based Access Control)
AnswerB

Correct. ABAC uses multiple attributes for access decisions.

Why this answer

ABAC (Attribute-Based Access Control) uses attributes of the user, resource, and environment to determine access. It is more flexible than RBAC or MAC.

3
Multi-Selectmedium

A security architect is evaluating access control models for a healthcare system where users have specific roles (e.g., doctor, nurse, admin) and permissions are assigned based on those roles. However, the architect also wants to incorporate attributes such as time of day, patient consent status, and device type. Which TWO models should be combined to meet these requirements?

Select 2 answers
A.Clark-Wilson
B.MAC
C.ABAC
D.RBAC
E.DAC
AnswersC, D

Correct. RBAC supplies the baseline permissions by role; ABAC adds the contextual attributes (time of day, consent status, device type) on top of them.

Why this answer

RBAC provides role-based permissions, while ABAC adds flexibility with attributes. Combining them allows fine-grained control.

4
Multi-Selectmedium

A security engineer is hardening a web application against race condition vulnerabilities. Which TWO techniques are effective mitigations?

Select 2 answers
A.Enabling ASLR
B.Input validation
C.Implementing file locking
D.Using prepared statements
E.Use of atomic transactions
AnswersC, E

Locking prevents concurrent access that could cause a race condition.

Why this answer

Atomic transactions and proper locking serialize the conflicting operations so the shared state cannot change between the steps of one operation. Input validation and prepared statements address injection, and ASLR addresses memory-corruption exploits; none of them prevents a race.

5
MCQmedium

A security analyst is investigating a potential covert timing channel in a system. Which of the following characteristics best describes this type of channel?

A.It requires high bandwidth to be effective
B.It modulates the time between events to encode information
C.It uses storage locations not normally accessible to the sender and receiver
D.It uses encryption to hide the content of the communication
AnswerB

Correct. Timing channels use temporal modulation.

Why this answer

A covert timing channel uses the timing of events (e.g., response times) to transmit information, bypassing security controls.

6
MCQmedium

A security analyst is investigating a potential data leak via covert channels. Which of the following is an example of a timing covert channel?

A.Modifying unused fields in network packets
B.Encoding data in the TCP sequence number
C.Writing data to a shared disk file
D.Varying the spacing between keystrokes
AnswerD

Correct. Inter-keystroke delay is a timing channel; the other options store data in a shared resource or a protocol field, which makes them storage channels.

Why this answer

A timing covert channel uses variations in timing (e.g., response time) to encode information, rather than storing data in shared resources.

7
MCQmedium

An organization is evaluating a Time-of-Check to Time-of-Use (TOCTOU) vulnerability in a file access routine. The routine checks if a user has permission to open a file, then later opens the file. Which of the following best describes the potential exploitation?

A.An attacker exploits a weak cryptographic algorithm
B.An attacker modifies the file after the permission check but before the open operation
C.An attacker performs a buffer overflow to gain elevated privileges
D.An attacker intercepts the network traffic to steal credentials
AnswerB

Correct. This is a classic TOCTOU race condition.

Why this answer

A TOCTOU attack occurs when the resource state changes between the check and the use. For example, an attacker could replace the file with a symbolic link to a sensitive file after the permission check but before the open. The usual fix is to stop deciding on the path name: open the file first, then validate the descriptor you actually obtained (fstat, O_NOFOLLOW) and operate only on that descriptor.

8
MCQhard

An organization is implementing a PKI for internal use. To ensure that certificate revocation status is checked in real-time without relying on periodic CRL downloads, which mechanism should be used?

A.CT logs
B.Certificate pinning
C.CRL distribution points
D.OCSP stapling
AnswerD

Correct. OCSP stapling provides real-time status via TLS handshake.

Why this answer

OCSP stapling allows the server to present a time-stamped OCSP response during the TLS handshake, providing current revocation status without the client needing to contact the CA. Because most clients soft-fail when no staple is present, stapling is only reliable when the certificate carries the OCSP Must-Staple extension (RFC 7633) or the client is configured to reject connections without a staple.

9
MCQmedium

A security architect is selecting a cryptographic algorithm for encrypting data at rest in a backup system. The system requires strong security with a block cipher, and the organization mandates using a NIST-approved algorithm with key sizes of 128, 192, or 256 bits. Which algorithm should be selected?

A.RC4
B.RSA
C.AES
D.3DES
AnswerC

Correct. AES meets all requirements.

Why this answer

AES is a NIST-approved symmetric block cipher supporting 128, 192, and 256-bit keys. It is the standard for data at rest encryption.

10
MCQeasy

A security architect is designing a physical security perimeter for a data center. Which of the following is an example of Crime Prevention Through Environmental Design (CPTED) principle?

A.Using high fences with barbed wire around the facility
B.Designing the landscape to provide clear sightlines from the guard post
C.Deploying motion sensors and CCTV cameras
D.Installing biometric locks on all server room doors
AnswerB

Correct. Clear sightlines enhance natural surveillance.

Why this answer

CPTED uses natural surveillance, access control, and territorial reinforcement. Clear sightlines allow monitoring and deter crime.

11
MCQeasy

Which access control model allows the data owner to determine who can access their resources, typically using Access Control Lists (ACLs)?

A.Discretionary Access Control (DAC)
B.Role-Based Access Control (RBAC)
C.Mandatory Access Control (MAC)
D.Attribute-Based Access Control (ABAC)
AnswerA

Correct. DAC allows owners to grant or deny access.

Why this answer

Discretionary Access Control (DAC) gives owners discretion over access permissions, often via ACLs.

12
MCQeasy

Which component of a trusted computing base (TCB) implements the reference monitor concept by enforcing access control decisions for all subjects and objects in the system?

A.Trusted platform module
B.Trusted computing base
C.Reference monitor
D.Security kernel
AnswerD

Correct. The security kernel implements the reference monitor.

Why this answer

The security kernel is the part of the TCB that implements the reference monitor, mediating all access requests.

13
MCQmedium

A government agency requires a security model that prevents users from reading documents at a higher classification level and from writing to documents at a lower classification level. Which model enforces these constraints?

A.Bell-LaPadula
B.Brewer-Nash
C.Clark-Wilson
D.Biba
AnswerA

Correct. 'No read up' is the simple security property and 'no write down' is the *-property.

Why this answer

Bell-LaPadula enforces no read up (simple security property) and no write down (*-property) to ensure confidentiality.

14
MCQmedium

A security architect is designing a system for a government agency that requires strict confidentiality controls. Data must be classified at multiple levels (e.g., Top Secret, Secret, Confidential). Users at a lower classification should not be able to read data at a higher classification, and users at a higher classification should not be able to write data to a lower classification. Which security model enforces these rules?

A.Biba model
B.Clark-Wilson model
C.Brewer-Nash model
D.Bell-LaPadula model
AnswerD

Correct. Bell-LaPadula enforces 'no read up, no write down' for confidentiality.

Why this answer

The Bell-LaPadula model is a state machine model focused on confidentiality. It enforces 'no read up' and 'no write down' to prevent unauthorized access to higher classification data and prevent downgrading of classified information.

15
MCQmedium

An organization requires a commercial integrity model where users cannot modify data in higher integrity levels and cannot read data from lower integrity levels. Which model should they implement?

A.Bell-LaPadula
B.Clark-Wilson
C.Biba
D.Take-Grant
AnswerC

Correct. Biba enforces no write up and no read down to maintain data integrity.

Why this answer

The Biba model addresses integrity through *no write up* and *no read down* rules.

16
MCQmedium

Which physical security design principle emphasizes that the physical environment should be designed to discourage criminal activity by using natural surveillance, access control, and territorial reinforcement?

A.TEMPEST
B.Fail-safe
C.Layered defense
D.CPTED
AnswerD

Correct. CPTED integrates design to deter crime.

Why this answer

CPTED (Crime Prevention Through Environmental Design) uses architectural features to reduce crime.

17
Multi-Selectmedium

A security architect is designing a system that must ensure integrity of commercial transactions. Which of the following models are specifically focused on integrity? (Choose TWO)

Select 2 answers
A.Take-Grant
B.Brewer-Nash
C.Biba
D.Clark-Wilson
E.Bell-LaPadula
AnswersC, D

Correct. Biba is an integrity model.

Why this answer

Biba is an integrity model using no write up/no read down. Clark-Wilson is a commercial integrity model based on well-formed transactions and separation of duties.

18
MCQmedium

An organization is implementing a Public Key Infrastructure (PKI) to support secure email and web communications. The PKI includes a root CA, intermediate CAs, and end-entity certificates. Which of the following best describes the role of the root CA in this hierarchy?

A.It performs key escrow for all users
B.It issues certificates directly to end users
C.It validates certificate revocation lists (CRLs)
D.It is self-signed and forms the trust anchor
AnswerD

Correct. The root CA is self-signed and trusted by all other entities.

Why this answer

The root CA is the top-level entity that signs its own certificate (self-signed) and issues certificates to intermediate CAs. It is the trust anchor for the entire PKI. In practice the root's private key is kept offline and day-to-day issuance is delegated to the intermediates, so a compromised intermediate can be revoked without replacing the anchor everyone trusts.

19
MCQhard

A financial institution must ensure that transactions are well-formed and enforce separation of duties to prevent fraud. Which security model best addresses these requirements?

A.Biba
B.Clark-Wilson
C.Brewer-Nash
D.Bell-LaPadula
AnswerB

Clark-Wilson is designed for commercial integrity with transaction controls and separation of duties.

Why this answer

Clark-Wilson model defines well-formed transactions and separation of duties to maintain commercial integrity.

20
MCQeasy

Which access control model allows the owner of a resource to grant or deny access to other users?

A.Mandatory Access Control (MAC)
B.Discretionary Access Control (DAC)
C.Attribute-Based Access Control (ABAC)
D.Role-Based Access Control (RBAC)
AnswerB

DAC allows the owner to set permissions.

Why this answer

Discretionary Access Control (DAC) enables resource owners to control access.

21
MCQmedium

A security architect is implementing a system that must prevent conflicts of interest for a consulting firm serving competing clients. Which security model is best suited for this requirement?

A.Take-Grant
B.Brewer-Nash
C.Clark-Wilson
D.Graham-Denning
AnswerB

Correct. Brewer-Nash prevents conflicts of interest by controlling access to datasets of competing interests.

Why this answer

The Brewer-Nash (Chinese Wall) model prevents consultants from accessing data of competing clients once they have accessed one client's data.

22
MCQeasy

Which physical security concept uses natural surveillance, territorial reinforcement, and access control to deter crime in built environments?

A.TEMPEST
B.Faraday cage
C.Defense in depth
D.CPTED
AnswerD

Correct. CPTED uses environmental design to deter crime.

Why this answer

Crime Prevention Through Environmental Design (CPTED) uses design principles to reduce crime opportunities.

23
Multi-Selecthard

A financial institution is implementing a Clark-Wilson integrity model. Which THREE components are essential to this model?

Select 3 answers
A.User roles
B.Constrained Data Items (CDIs)
C.Transformation Procedures (TPs)
D.Integrity Verification Procedures (IVPs)
E.Unconstrained Data Items (UDIs)
AnswersB, C, D

CDIs are the data items subject to integrity controls; TPs are the only way to change them; IVPs check that they are still valid.

Why this answer

Clark-Wilson protects Constrained Data Items (CDIs), the data whose integrity matters. CDIs may be changed only by certified Transformation Procedures (TPs), which are the model's well-formed transactions, and Integrity Verification Procedures (IVPs) independently confirm that the CDIs are in a valid state. Unconstrained Data Items (UDIs) are untrusted inputs that a TP must validate before they become CDIs; access is expressed as certified triples (user, TP, CDI), and separation of duties comes from how those triples are assigned, not from a role construct of the model.

24
Multi-Selecthard

A security engineer is investigating a covert channel in a system. Which TWO types of covert channels could be used to leak information from a high-security to a low-security process?

Select 2 answers
A.TOCTOU
B.Emanations
C.Covert timing channel
D.Side-channel
E.Covert storage channel
AnswersC, E

Correct. Timing channels use temporal modulation.

Why this answer

Covert timing channels modulate the timing of events to signal information. Covert storage channels write data to a shared resource that the other process can read.

25
MCQmedium

A financial application requires strict integrity controls to prevent unauthorized modifications. The security team implements a model where users cannot write data to higher integrity levels (no write up) and cannot read data from lower integrity levels (no read down). Which model is being applied?

A.Bell-LaPadula
B.Graham-Denning
C.Clark-Wilson
D.Biba
AnswerD

Correct. Biba protects integrity with no write up and no read down.

Why this answer

Biba model enforces integrity: no write up (subjects cannot write to higher integrity objects) and no read down (subjects cannot read lower integrity data).

26
MCQeasy

Which cryptographic algorithm is an example of a symmetric stream cipher?

A.RC4
B.AES
C.3DES
D.RSA
AnswerA

Correct. RC4 is a symmetric stream cipher.

Why this answer

RC4 is a stream cipher: it generates a keystream from the key and XORs it with the plaintext one byte at a time. It is the classic exam example, but it has known keystream biases and is prohibited in TLS (RFC 7465); it should not be selected for new designs.

27
MCQeasy

Which of the following is a primary function of a Trusted Platform Module (TPM)?

A.Encrypting network traffic
B.Providing antivirus protection
C.Enforcing access control policies
D.Storing cryptographic keys securely
AnswerD

Correct. TPM securely stores keys and performs cryptographic operations.

Why this answer

A TPM provides hardware-based secure storage for cryptographic keys, enabling secure boot and remote attestation.

28
MCQmedium

A company wants to ensure that only authorized software can run on its laptops. They decide to use a hardware component that validates the boot process by measuring each component before it loads. Which technology is being used?

A.Trusted Platform Module (TPM)
B.Trusted Execution Environment (TEE)
C.Security Kernel
D.Hypervisor
AnswerA

Correct. The TPM records boot measurements in PCRs, which is what sealing and remote attestation build on.

Why this answer

TPM (Trusted Platform Module) enables measured boot: each boot stage hashes the next component and extends the hash into a Platform Configuration Register (PCR) before handing over. The TPM itself does not verify or block anything; it records. Enforcement comes from what depends on the PCR values: a key sealed to the expected values (for example the disk encryption key) is not released after a modified boot, and a remote verifier can check a signed quote of the PCRs. Secure Boot, by contrast, is the firmware signature check that actually refuses to load unsigned code.

29
MCQmedium

An organization uses a system where access decisions are based on user attributes (e.g., job title, clearance), resource attributes (e.g., classification), and environmental factors (e.g., time of day). This is an example of:

A.Role-Based Access Control (RBAC)
B.Attribute-Based Access Control (ABAC)
C.Mandatory Access Control (MAC)
D.Discretionary Access Control (DAC)
AnswerB

ABAC evaluates policies using user, resource, and environment attributes.

Why this answer

Attribute-Based Access Control (ABAC) considers multiple attributes for access decisions.

30
MCQhard

A security analyst discovers that an application allows a user to read a file they just wrote before the file's integrity is verified, due to a gap between the time of check and time of use. This is an example of which vulnerability?

A.Covert channel
B.Buffer overflow
C.TOCTOU
D.Side-channel attack
AnswerC

Correct. TOCTOU is a race condition between check and use.

Why this answer

TOCTOU (Time of Check to Time of Use) is a race condition where a resource is checked and then used, but the state changes in between.
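As an added example for questions 7 and 30 (not part of the original question set), the check-then-use race beside the open-then-validate fix, in Python. The attacker's race window is simulated by a hook that runs between the check and the open; a real attacker would have to win the timing instead. File names and contents are constructed for the demo.

```python
import os
import stat
import tempfile


def open_unchecked(path, attacker_hook=None):
    """Vulnerable pattern: decide based on the path, then open the path.

    attacker_hook is a constructed stand-in for the race window.
    """
    if os.path.islink(path) or not os.access(path, os.R_OK):
        raise PermissionError("check failed")
    if attacker_hook:
        attacker_hook()                      # path is swapped for a symlink here
    with open(path, "rb") as f:              # opens whatever the path points at now
        return f.read()


def open_checked(path, attacker_hook=None):
    """Hardened pattern: open first, then validate the descriptor you got.

    O_NOFOLLOW makes a symlink at the final path component fail (ELOOP), and
    fstat() reports on the object actually opened rather than on the path.
    """
    if attacker_hook:
        attacker_hook()
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_CLOEXEC)
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError("not a regular file")
        return os.read(fd, st.st_size)
    finally:
        os.close(fd)


def demo():
    """Constructed scenario: a readable report, a secret the caller must not
    see, and an attacker who replaces the report path with a symlink to the
    secret during the race window. Returns what each pattern yielded."""
    with tempfile.TemporaryDirectory() as d:
        report = os.path.join(d, "report.txt")
        secret = os.path.join(d, "secret.txt")
        with open(report, "wb") as f:
            f.write(b"public report")
        with open(secret, "wb") as f:
            f.write(b"TOP-SECRET")

        def swap_for_symlink():
            os.remove(report)
            os.symlink(secret, report)

        normal = open_checked(report)                        # no attacker
        leaked = open_unchecked(report, swap_for_symlink)    # reads the secret
        os.remove(report)                                    # restore real file
        with open(report, "wb") as f:
            f.write(b"public report")
        try:
            open_checked(report, swap_for_symlink)
            blocked = False
        except OSError:                                      # ELOOP from O_NOFOLLOW
            blocked = True
        return {"hardened_normal": normal,
                "vulnerable_leaked": leaked,
                "hardened_blocked": blocked}
```

The hardened version never asks a question about the path that it then has to trust later; every property it checks belongs to the descriptor it is about to read from.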

31
MCQmedium

An organization implements a security model where users can only read objects at or above their own integrity level, and can only write to objects at or below their level. This model primarily ensures:

A.Integrity
B.Confidentiality
C.Accountability
D.Availability
AnswerA

Biba is the integrity model: 'no read down' keeps a subject from taking in lower-integrity data, and 'no write up' keeps it from contaminating higher-integrity data.

Why this answer

The rules described are the Biba model's simple integrity axiom (no read down) and *-integrity axiom (no write up). Note the direction: reading at or below clearance and writing at or above is Bell-LaPadula, which protects confidentiality instead.

32
MCQhard

A security team is reviewing a design in which an attacker who controls the operating system or hypervisor could read and modify the memory of an application that handles sensitive data. Which technology is designed to protect against such attacks by creating a trusted execution environment inside the CPU?

A.Trusted Platform Module (TPM)
B.Intel Software Guard Extensions (SGX)
C.Measured Boot
D.Secure Boot
AnswerB

SGX creates enclaves for trusted execution.

Why this answer

Intel SGX provides a TEE: enclave memory is encrypted and access-controlled by the CPU, so code and data inside an enclave are isolated from other processes, the OS and the hypervisor, and the enclave can attest its identity to a remote party. SGX does not by itself prevent side-channel leakage, which is where most published attacks against enclaves have focused.

33
Multi-Selecteasy

Which of the following are characteristics of a Trusted Execution Environment (TEE)? (Choose TWO)

Select 2 answers
A.It is only available in cloud environments
B.It runs as a separate virtual machine
C.It requires a TPM chip
D.It provides hardware-enforced isolation from the main OS
E.It protects code and data from unauthorized access even by the OS
AnswersD, E

Correct. TEE uses hardware isolation.

Why this answer

A TEE provides hardware-enforced isolation and a secure area for code execution, protecting sensitive data from the main OS.

34
Multi-Selecthard

A security engineer is hardening a system against buffer overflow attacks. Which of the following are effective mitigations? (Choose THREE)

Select 3 answers
A.Address Space Layout Randomization (ASLR)
B.Data Execution Prevention (DEP/NX)
C.Using unpatched software
D.Stack canaries
E.Disabling ASLR
AnswersA, B, D

Correct. ASLR randomizes memory addresses.

Why this answer

ASLR randomizes memory addresses, DEP prevents code execution on the stack/heap, and stack canaries detect buffer overflows before control data is corrupted.

35
MCQhard

A cloud service provider uses a Type 1 hypervisor to host multiple virtual machines (VMs) for different customers. Which of the following is a primary security concern specific to this architecture?

A.Virtual machine escape from one guest to the hypervisor or other guests
B.Inability to patch the hypervisor without downtime
C.Performance degradation due to resource sharing
D.Lack of support for legacy operating systems
AnswerA

Correct. VM escape is a top security risk for hypervisors.

Why this answer

A VM escape attack occurs when an attacker breaks out of a VM to access the hypervisor or other VMs. This is a critical risk in multi-tenant environments.

36
Multi-Selectmedium

A company is implementing a PKI to support secure web browsing. Which of the following are commonly used to enhance the security of certificate validation? (Choose TWO)

Select 2 answers
A.OCSP stapling
B.Certificate revocation lists (CRLs)
C.Certificate pinning
D.Self-signed root certificates
E.Wildcard certificates
AnswersA, C

Correct. OCSP stapling improves timeliness and reduces CA load.

Why this answer

OCSP stapling allows the server to present a timestamped OCSP response, reducing load on the CA. Certificate pinning associates a host with a specific certificate or public key to prevent MITM attacks with a mis-issued certificate; pins must be managed carefully, since rotating a key without updating the pin locks out every client that enforces it.

37
MCQmedium

A security architect is designing a system that must prevent conflicts of interest when a consultant works for two competing clients. Which security model ensures that the consultant cannot access data from one client if they have already accessed data from the other?

A.Clark-Wilson
B.Biba
C.Brewer-Nash
D.Bell-LaPadula
AnswerC

Correct. Brewer-Nash enforces Chinese Wall to prevent conflicts of interest.

Why this answer

Brewer-Nash (Chinese Wall) model prevents conflict of interest by dynamically adjusting access based on previously accessed datasets.
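As an added example for questions 21 and 37 (not part of the original question set), a Brewer-Nash enforcement point in Python. Company datasets and their conflict-of-interest classes are constructed input; sanitized (public) data, which the model always permits, is left out for brevity.

```python
class ChineseWall:
    """Brewer-Nash enforcement. Each company dataset belongs to a
    conflict-of-interest (COI) class; the history of what a subject has
    already touched drives every later decision."""

    def __init__(self, coi_of):
        self.coi_of = dict(coi_of)   # company -> COI class (constructed input)
        self.history = {}            # subject -> set of companies accessed

    def can_read(self, subject, company):
        seen = self.history.get(subject, set())
        if company in seen:
            return True               # same company as before: always fine
        coi = self.coi_of[company]
        # Free choice until the subject has touched a competitor in this class.
        return not any(self.coi_of[c] == coi for c in seen)

    def read(self, subject, company):
        if not self.can_read(subject, company):
            raise PermissionError(f"{subject} is walled off from {company}")
        self.history.setdefault(subject, set()).add(company)

    def can_write(self, subject, company):
        """*-property: a subject may write into company X only if everything
        it has read belongs to X; otherwise the write could carry one
        client's data into another client's dataset through this subject."""
        seen = self.history.get(subject, set())
        return self.can_read(subject, company) and seen <= {company}


def demo():
    """Constructed scenario: two banks in one COI class and an oil company
    in another; alice reads BankA, then OilCo."""
    wall = ChineseWall({"BankA": "banking", "BankB": "banking", "OilCo": "oil"})
    out = {}
    wall.read("alice", "BankA")
    out["read_same_company"] = wall.can_read("alice", "BankA")        # True
    out["read_competitor"] = wall.can_read("alice", "BankB")          # False
    out["read_other_class"] = wall.can_read("alice", "OilCo")         # True
    out["write_bankA_before_oil"] = wall.can_write("alice", "BankA")  # True
    wall.read("alice", "OilCo")
    out["write_bankA_after_oil"] = wall.can_write("alice", "BankA")   # False
    out["bob_can_read_bankB"] = wall.can_read("bob", "BankB")         # True
    return out
```

Two things distinguish this from RBAC or Bell-LaPadula: the decision for the same subject and object changes over time, and the write rule is stricter than the read rule because a subject who has read two unrelated clients is exactly the path by which their data could mix.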

38
MCQeasy

Which cryptographic algorithm is a symmetric block cipher widely used for encrypting sensitive data, with key sizes of 128, 192, or 256 bits?

A.RSA
B.RC4
C.AES
D.ECC
AnswerC

AES is a symmetric block cipher.

Why this answer

AES is a symmetric block cipher with standard key sizes of 128, 192, and 256 bits.

39
MCQhard

An organization deploys a hypervisor to host multiple virtual machines. To mitigate the risk of VM escape attacks, which of the following is the most effective security measure?

A.Disabling all unnecessary hypervisor services and applying security patches
B.Using Type 2 hypervisor only
C.Using VLANs to isolate VM traffic
D.Enabling VM snapshots for quick recovery
AnswerA

Minimizing and patching reduces vulnerabilities.

Why this answer

Keeping the hypervisor patched and minimized reduces attack surface and addresses known vulnerabilities that could be exploited for VM escape.

40
Multi-Selectmedium

A security analyst is evaluating access control models for a healthcare organization that needs to enforce both confidentiality and integrity. Which TWO models should be considered? Select two.

Select 2 answers
A.Take-Grant
B.Bell-LaPadula
C.Biba
D.Clark-Wilson
E.Brewer-Nash
AnswersB, C

Bell-LaPadula addresses confidentiality and Biba addresses integrity.

Why this answer

Bell-LaPadula enforces confidentiality; Biba enforces integrity. Together they address both requirements.

41
Multi-Selecthard

In the context of the Clark-Wilson integrity model, which of the following are key elements? (Choose TWO)

Select 2 answers
A.Simple Security Property
B.Lattice-based access control
C.Constrained Data Items (CDIs)
D.No Write Up property
E.Transformation Procedures (TPs)
AnswersC, E

Correct. CDIs are the protected data items; TPs are the only procedures permitted to modify them.

Why this answer

Clark-Wilson protects Constrained Data Items (CDIs) by allowing changes only through certified Transformation Procedures (TPs), the model's well-formed transactions, and by running Integrity Verification Procedures (IVPs) to confirm the CDIs remain valid. Separation of duties is enforced through the certified (user, TP, CDI) access triples. The simple security property and 'no write up' belong to Bell-LaPadula and Biba respectively.
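As an added example for questions 19, 23 and 41 (not part of the original question set), a toy Clark-Wilson system in Python. Account balances are the CDIs, `transfer` and `ingest_udi` are the only TPs that touch them, `ivp` replays the journal to verify the CDIs, and access triples plus a two-person rule provide separation of duties. Account names, users, balances and the approval threshold are constructed for the demo.

```python
class ClarkWilsonLedger:
    """Toy Clark-Wilson enforcement: CDIs may only change through certified
    TPs, an IVP checks their validity, and (user, TP, CDI) triples plus a
    two-person rule implement separation of duties."""

    APPROVAL_THRESHOLD = 1000   # constructed: larger transfers need a second person

    def __init__(self, opening_balances, triples):
        self.opening = dict(opening_balances)
        self.cdi = dict(opening_balances)      # live CDIs
        self.journal = []                      # (src, dst, amount) per TP run
        self.triples = set(triples)            # certified (user, tp, cdi)

    def _certified(self, user, tp, cdi):
        return (user, tp, cdi) in self.triples

    def transfer(self, user, src, dst, amount, approver=None):
        """Well-formed TP: authorization, validity checks, then an
        all-or-nothing update that is journaled for the IVP."""
        if not (self._certified(user, "transfer", src)
                and self._certified(user, "transfer", dst)):
            raise PermissionError(f"{user} may not run transfer on {src}/{dst}")
        if amount <= 0 or self.cdi[src] < amount:
            raise ValueError("amount invalid or insufficient funds")
        if amount > self.APPROVAL_THRESHOLD:
            # Separation of duties: an independent, certified approver.
            if (approver is None or approver == user
                    or not self._certified(approver, "approve", src)):
                raise PermissionError("large transfer needs an independent approver")
        self.cdi[src] -= amount
        self.cdi[dst] += amount
        self.journal.append((src, dst, amount))

    def ingest_udi(self, user, account, raw):
        """A UDI (untrusted input string) becomes a CDI only through a TP that
        validates it; input that fails validation never touches a CDI."""
        if not self._certified(user, "deposit", account):
            raise PermissionError(f"{user} may not deposit to {account}")
        if not (raw.isdigit() and int(raw) > 0):
            raise ValueError(f"rejected UDI {raw!r}")
        self.cdi[account] += int(raw)
        self.journal.append(("external", account, int(raw)))

    def ivp(self):
        """Integrity verification: replay the journal from the opening balances
        and confirm the live CDIs match and no balance is negative."""
        replay = dict(self.opening)
        replay["external"] = 0
        for src, dst, amt in self.journal:
            replay[src] -= amt
            replay[dst] += amt
        del replay["external"]
        return replay == self.cdi and all(v >= 0 for v in self.cdi.values())


def demo():
    """Constructed scenario: a teller runs TPs, a manager approves, and a
    direct edit that bypasses every TP is caught by the IVP."""
    triples = {("teller", "transfer", "ops"), ("teller", "transfer", "payroll"),
               ("teller", "deposit", "ops"), ("manager", "approve", "ops")}
    ledger = ClarkWilsonLedger({"ops": 5000, "payroll": 0}, triples)
    out = {}
    ledger.transfer("teller", "ops", "payroll", 300)
    ledger.ingest_udi("teller", "ops", "250")
    out["ivp_after_tps"] = ledger.ivp()                          # True
    attempts = {
        "self_approval": lambda: ledger.transfer("teller", "ops", "payroll",
                                                 2000, approver="teller"),
        "bad_udi": lambda: ledger.ingest_udi("teller", "ops", "250; DROP"),
        "uncertified": lambda: ledger.transfer("manager", "ops", "payroll", 10),
    }
    for label, call in attempts.items():
        try:
            call()
            out[label] = "allowed"
        except (PermissionError, ValueError):
            out[label] = "rejected"
    ledger.transfer("teller", "ops", "payroll", 2000, approver="manager")
    out["ivp_after_approved"] = ledger.ivp()                     # True
    ledger.cdi["payroll"] += 1          # bypasses every TP: not journaled
    out["ivp_after_bypass"] = ledger.ivp()                       # False
    return out
```

The point of the last two lines of `demo` is the whole model: the IVP does not trust the live balances, it recomputes them from the record the TPs left behind, so any change that did not go through a TP shows up as a mismatch.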

42
MCQhard

A software vulnerability allows an attacker to overwrite a return address on the stack to execute arbitrary code. What mitigation technique randomizes the memory layout to prevent the attacker from predicting target addresses?

A.ASLR (Address Space Layout Randomization)
B.Stack canary
C.Data Execution Prevention (DEP)
D.NX bit (No-Execute)
AnswerA

Correct. ASLR randomizes memory addresses to hinder exploitation.

Why this answer

ASLR (Address Space Layout Randomization) randomizes the base addresses of the stack, heap, shared libraries and, for position-independent executables, the program itself, so an attacker cannot hard-code the address of shellcode or of a return target.

43
MCQmedium

A security architect is designing a system for a military intelligence agency where data classification labels (Top Secret, Secret, Confidential, Unclassified) are mandatory. Users are cleared to a specific level and must not read data above their clearance. Which security model enforces this type of access control?

A.Bell-LaPadula model
B.Biba model
C.Brewer-Nash model
D.Clark-Wilson model
AnswerA

Correct. Bell-LaPadula enforces confidentiality via no read up and no write down.

Why this answer

Bell-LaPadula focuses on confidentiality and enforces no read up (simple security property) and no write down (*-property), matching the scenario's need to prevent reading higher classified data.

44
MCQmedium

An organization wants to implement a security mechanism that ensures all accesses are mediated and cannot be bypassed, is tamperproof, and is small enough to be verified. This describes which concept?

A.Trusted Computing Base (TCB)
B.Reference Monitor
C.Trusted Platform Module (TPM)
D.Security Kernel
AnswerB

Correct. The reference monitor is an abstract machine that enforces access control and must be tamperproof, always invoked, and verifiable.

Why this answer

The reference monitor is an abstract model that enforces access control with the properties: complete mediation, tamperproof, and verifiable.

45
MCQhard

During a security audit, a vulnerability scanner reports a buffer overflow vulnerability in a legacy application. The application runs on a system with Data Execution Prevention (DEP/NX) enabled and Address Space Layout Randomization (ASLR) active. Which of the following is the most likely impact of these mitigations on a typical stack-based buffer overflow exploit?

A.They only protect heap-based overflows, not stack-based
B.They completely prevent any exploitation of buffer overflows
C.They make it harder to execute arbitrary code via injected shellcode
D.They have no effect on buffer overflow exploits
AnswerC

Correct. DEP blocks code execution on stack; ASLR hinders address prediction.

Why this answer

DEP prevents code execution in data segments like the stack. ASLR randomizes memory addresses, making it harder for an attacker to redirect execution to injected code. Combined, they significantly raise the bar, but they do not stop return-oriented programming that reuses existing executable code, nor an exploit that first leaks an address to defeat the randomization; the vulnerability still needs to be fixed.

46
MCQhard

A security engineer is evaluating a system that uses a Trusted Platform Module (TPM) for secure boot. The TPM measures the boot components and stores the measurements in Platform Configuration Registers (PCRs). Which of the following is a primary security goal achieved by this process?

A.Ensures the boot process has not been tampered with
B.Provides full disk encryption
C.Prevents all malware from executing
D.Authenticates the user during boot
AnswerA

Correct. The TPM measures and attests boot components to detect tampering.

Why this answer

Measured boot ensures that each boot component's hash is extended into PCRs. The TPM can attest these measurements to a remote verifier, proving the boot integrity.
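As an added example for questions 28 and 46 (not part of the original question set), the PCR extend operation, an event log, a verifier that replays it, and sealing, in Python. Boot component contents and the golden measurements are constructed; the TPM's signature over the quoted PCR is assumed to have been verified and is not modelled.

```python
import hashlib

PCR_SIZE = 32                       # one register of the SHA-256 bank


def measure(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: PCR_new = H(PCR_old || digest). A PCR cannot be reset or
    set to a chosen value by software, only extended again."""
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(components):
    """Each stage hashes the next before handing over. The TPM keeps the
    running PCR; the event log (in ordinary RAM, untrusted) records what
    each digest was supposed to be."""
    pcr, event_log = bytes(PCR_SIZE), []
    for name, blob in components:
        digest = measure(blob)
        event_log.append((name, digest))
        pcr = pcr_extend(pcr, digest)
    return pcr, event_log


def replay(event_log):
    pcr = bytes(PCR_SIZE)
    for _, digest in event_log:
        pcr = pcr_extend(pcr, digest)
    return pcr


def attest(quoted_pcr, event_log, golden):
    """Remote verifier. It trusts only the quoted PCR (signed by the TPM's
    attestation key in reality; assumed verified here). The log is accepted
    only if it replays to that PCR and every digest is a known-good one."""
    if replay(event_log) != quoted_pcr:
        return "event log does not reproduce the quoted PCR"
    for name, digest in event_log:
        if golden.get(name) != digest:
            return f"unexpected measurement for {name}"
    return "ok"


def unseal(sealed_secret, current_pcr, policy_pcr):
    """Sealing binds a secret (e.g. the disk key) to a PCR value; after a
    modified boot the PCR differs and the secret is not released."""
    return sealed_secret if current_pcr == policy_pcr else None


# Constructed boot chain and the matching golden measurements.
GOOD_CHAIN = [("firmware", b"uefi v1.2"), ("bootloader", b"shim+grub"),
              ("kernel", b"vmlinuz-6.1")]
GOLDEN = {name: measure(blob) for name, blob in GOOD_CHAIN}


def demo():
    good_pcr, good_log = measured_boot(GOOD_CHAIN)
    tampered = GOOD_CHAIN[:2] + [("kernel", b"vmlinuz-6.1 + bootkit")]
    bad_pcr, bad_log = measured_boot(tampered)
    reordered_pcr, _ = measured_boot(list(reversed(GOOD_CHAIN)))
    # An attacker can rewrite the in-memory log to hide the bootkit, but the
    # TPM-held PCR cannot be rewritten, so the replay no longer matches.
    forged_log = good_log
    return {
        "good": attest(good_pcr, good_log, GOLDEN),
        "tampered": attest(bad_pcr, bad_log, GOLDEN),
        "forged_log": attest(bad_pcr, forged_log, GOLDEN),
        "order_matters": reordered_pcr != good_pcr,
        "unseal_good": unseal(b"disk-key", good_pcr, good_pcr),
        "unseal_tampered": unseal(b"disk-key", bad_pcr, good_pcr),
    }
```

The verifier never inspects the components themselves; it checks that an untrusted log is consistent with a value the attacker could not forge, and then that every entry in that log is one it expected.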

47
MCQhard

A security engineer is analyzing a vulnerability where an attacker can cause a buffer overflow on the stack. Which mitigation technique randomizes memory addresses to make it harder for the attacker to predict the location of shellcode or return addresses?

A.ASLR
B.SafeSEH
C.Stack canaries
D.DEP/NX bit
AnswerA

Correct. ASLR randomizes memory addresses.

Why this answer

ASLR (Address Space Layout Randomization) randomizes the base addresses of stack, heap, and libraries, making it difficult for an attacker to guess memory addresses.

48
MCQhard

A company is deploying a hypervisor to run multiple virtual servers. To minimize the risk of VM escape attacks, which type of hypervisor should they choose and what hardening measure is most effective?

A.Type 1 hypervisor with minimal services and regular patching
B.Type 2 hypervisor with regular patching
C.Type 2 hypervisor with host-based firewall
D.Type 1 hypervisor with no additional hardening
AnswerA

Correct. Type 1 runs directly on hardware, reducing attack surface; patching mitigates escape vulnerabilities.

Why this answer

Type 1 hypervisors (bare-metal) have a smaller attack surface than Type 2. Regular patching and secure configuration are essential.

49
MCQmedium

A government agency requires a security model that prevents users from reading documents classified above their clearance level and from writing classified information to lower-level systems. Which model enforces these constraints?

A.Bell-LaPadula
B.Biba
C.Brewer-Nash
D.Clark-Wilson
AnswerA

Correct. Bell-LaPadula enforces no read up and no write down to protect confidentiality.

Why this answer

The Bell-LaPadula model is a state machine model that enforces confidentiality via the *no read up* (simple security property) and *no write down* (*-property) rules.
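As an added example for the Bell-LaPadula and Biba questions (13, 14, 15, 25, 31, 43 and 49; not part of the original question set), both lattices as Python access checks, plus a small information-flow search that shows why each model needs its write rule. The level names are constructed.

```python
CLASSIFICATION = {"Unclassified": 0, "Confidential": 1,
                  "Secret": 2, "Top Secret": 3}
INTEGRITY = {"Low": 0, "Medium": 1, "High": 2}


def blp_allows(subject, obj, op, levels=CLASSIFICATION):
    """Bell-LaPadula: simple security property (no read up) and *-property
    (no write down). `subject` is a clearance, `obj` a classification."""
    s, o = levels[subject], levels[obj]
    if op == "read":
        return s >= o
    if op == "write":
        return s <= o
    raise ValueError(op)


def biba_allows(subject, obj, op, levels=INTEGRITY):
    """Biba: simple integrity axiom (no read down) and *-integrity axiom
    (no write up); the exact dual of Bell-LaPadula."""
    s, o = levels[subject], levels[obj]
    if op == "read":
        return s <= o
    if op == "write":
        return s >= o
    raise ValueError(op)


def blp_without_star(subject, obj, op, levels=CLASSIFICATION):
    """'No read up' alone, no *-property: the gap the *-property closes."""
    return levels[subject] >= levels[obj] if op == "read" else True


def reachable_by_flow(start, allows, levels):
    """Levels that information held in an object at `start` can reach through
    any chain of 'some subject reads it, then writes somewhere else'.
    Subjects at every level are assumed to exist (constructed worst case)."""
    seen, frontier = {start}, [start]
    while frontier:
        obj = frontier.pop()
        for subj in levels:
            if not allows(subj, obj, "read", levels):
                continue
            for target in levels:
                if target not in seen and allows(subj, target, "write", levels):
                    seen.add(target)
                    frontier.append(target)
    return seen
```

Under Bell-LaPadula, `reachable_by_flow("Top Secret", ...)` is just Top Secret: nothing a cleared subject reads can end up lower. Drop the *-property and the same search reaches every level, because a Top Secret subject (or the malware running as one) may read everything and write anywhere. Biba gives the mirror image: low-integrity data can never reach a higher-integrity object.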

50
MCQeasy

Which type of covert channel uses the timing of events or operations to transmit information?

A.Emanations channel
B.Side channel
C.Timing channel
D.Storage channel
AnswerC

Timing channels use temporal variations.

Why this answer

Timing channels manipulate the timing of events to encode data, while storage channels use shared resources.
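As an added example for the covert timing channel questions (5, 6, 24 and 50; not part of the original question set), a simulated timing channel in Python: the high side encodes bits as short or long gaps between observable events, the low side decodes from timestamps alone. Gap lengths, jitter and the payload are constructed; no real sleeping or shared resource is involved.

```python
SHORT_MS, LONG_MS = 10, 30               # gap for a 0 bit and for a 1 bit (constructed)
THRESHOLD_MS = (SHORT_MS + LONG_MS) // 2  # receiver's decision boundary


def to_bits(data: bytes):
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]


def from_bits(bits):
    usable = len(bits) - len(bits) % 8
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, usable, 8))


def sender_schedule(data: bytes, start_ms=0):
    """High side: it may not write anything the low side can read, but it can
    choose *when* it touches a shared resource (a CPU burst, a lock). Returns
    the simulated timestamps of those observable events."""
    t, events = start_ms, []
    for bit in to_bits(data):
        t += LONG_MS if bit else SHORT_MS
        events.append(t)
    return events


def receiver_decode(events, start_ms=0):
    """Low side: sees only when events happen; the gap length is the bit."""
    prev, bits = start_ms, []
    for t in events:
        bits.append(1 if t - prev > THRESHOLD_MS else 0)
        prev = t
    return from_bits(bits)


def with_jitter(events, jitter_ms):
    """Deterministic alternating +/- jitter standing in for scheduler noise."""
    return [t + (jitter_ms if i % 2 else -jitter_ms)
            for i, t in enumerate(events)]


def capacity_bits_per_second():
    """Worst-case raw rate when every bit is a long gap."""
    return 1000 / LONG_MS
```

Decoding survives jitter only while it stays below half the distance between the two gap lengths; past that, bits flip. That is the defender's lever: adding noise (randomized scheduling, coarser timers) or auditing for suspiciously bimodal inter-event gaps lowers the channel's usable bandwidth rather than closing it outright.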

51
Multi-Selectmedium

A security engineer is hardening a system against side-channel attacks that exploit variations in execution time or power consumption. Which TWO mitigations are specifically designed to counter such attacks? Select two.

Select 2 answers
A.Data Execution Prevention (DEP)
B.Address Space Layout Randomization (ASLR)
C.Input validation
D.Constant-time algorithms
E.Noise injection in power consumption
AnswersD, E

Prevent timing variations that leak information.

Why this answer

Constant-time programming ensures operations take the same time regardless of inputs, and noise injection obscures power consumption patterns.
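As an added example for question 51 (not part of the original question set), an early-exit comparison beside a constant-time one in Python, with an attacker loop that recovers a secret byte by byte from the early-exit version. The number of bytes examined stands in for elapsed time; the secret value is constructed. Note that the pure-Python loop is a model of the idea, and production code should use `hmac.compare_digest`, which is implemented in C without an early exit.

```python
import hmac


def compare_early_exit(guess: bytes, secret: bytes):
    """Leaky comparison. Returns (equal, bytes_examined): it stops at the first
    mismatch, so the amount of work, and therefore the time, reveals how long
    the matching prefix is."""
    if len(guess) != len(secret):
        return False, 0
    for i in range(len(secret)):
        if guess[i] != secret[i]:
            return False, i + 1
    return True, len(secret)


def compare_constant_time(guess: bytes, secret: bytes):
    """Same contract, but every byte is examined and the differences are
    folded with OR, so the work does not depend on where the bytes differ."""
    if len(guess) != len(secret):
        return False, 0
    diff = 0
    for g, s in zip(guess, secret):
        diff |= g ^ s
    return diff == 0, len(secret)


def recover_by_timing(secret: bytes, compare):
    """Attacker loop: for each position try all 256 values and keep the one
    that made the oracle do the most work. `secret` is passed in only so the
    oracle can be simulated locally; the attacker sees only the work count
    and the final accept/reject. Returns (guess, queries)."""
    guess, queries = bytearray(len(secret)), 0
    for pos in range(len(secret)):
        best, best_work = 0, -1
        for cand in range(256):
            guess[pos] = cand
            equal, work = compare(bytes(guess), secret)
            queries += 1
            if equal:
                return bytes(guess), queries
            if work > best_work:
                best, best_work = cand, work
        guess[pos] = best
    return bytes(guess), queries


def verify_token(presented: bytes, expected: bytes) -> bool:
    """What production code should call."""
    return hmac.compare_digest(presented, expected)
```

Against the early-exit oracle the attacker needs at most 256 queries per byte instead of 256 to the power of the length; against the constant-time oracle every candidate looks identical and the loop learns nothing.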

52
Multi-Selectmedium

A company is designing a secure application that requires hardware-based key storage and remote attestation. Which THREE technologies provide hardware root of trust? Select three.

Select 3 answers
A.Virtual Trusted Platform Module (vTPM)
B.Hardware Security Module (HSM)
C.Software Guard Extensions (SGX)
D.Trusted Execution Environment (TEE)
E.Trusted Platform Module (TPM)
AnswersB, D, E

HSM provides hardware-based key management and cryptographic operations. A vTPM is a software emulation supplied by the hypervisor, so it inherits the host's trust rather than providing its own hardware root.

Why this answer

TPM, TEE (e.g., Intel SGX, ARM TrustZone), and HSM provide hardware-based security functions and root of trust.

53
MCQhard

In a PKI hierarchy, a relying party needs to verify a certificate's validity. To reduce latency and improve privacy, which mechanism allows the relying party to obtain the revocation status without contacting the CA directly for each verification?

A.Certificate Transparency (CT) logs
B.Certificate pinning
C.Certificate Revocation List (CRL)
D.OCSP stapling
AnswerD

Correct. OCSP stapling lets the server attach a signed OCSP response during TLS handshake, improving performance and privacy.

Why this answer

OCSP stapling allows the server to provide a time-stamped OCSP response from the CA, reducing the client's need to contact the CA directly.

54
MCQeasy

A security architect is designing a physical security system for a data center. Which of the following is an example of a layered physical control at the perimeter?

A.Biometric access to server room
B.Locked server cabinets
C.CCTV in the lobby
D.Fencing around the property
AnswerD

Fencing is a perimeter security measure.

Why this answer

Fencing is a perimeter control that provides a physical barrier around the facility.

55
Multi-Selectmedium

A security architect is evaluating physical security controls for a facility handling sensitive data. Which of the following are examples of layered physical security controls? (Choose THREE)

Select 3 answers
A.Perimeter fence
B.Server rack locks
C.Mantrap at the entrance to the secure area
D.Single-factor authentication for all doors
E.Unsecured windows on ground floor
AnswersA, B, C

Correct. Perimeter fence is an outer layer.

Why this answer

Layered security uses multiple barriers: perimeter (fence), external (lighting), building (locks), secure area (mantrap), and IT area (cage). Biometrics and guards are also layers.

56
MCQeasy

Which access control model allows data owners to grant or revoke access to resources they own, typically implemented using ACLs?

A.MAC
B.RBAC
C.ABAC
D.DAC
AnswerD

Correct. DAC allows owners to grant access.

Why this answer

DAC (Discretionary Access Control) enables owners to control access to their resources, commonly via ACLs.

57
MCQmedium

A software developer is concerned about buffer overflow vulnerabilities. Which combination of mitigations makes it most difficult for an attacker to exploit a stack-based buffer overflow?

A.Using a privileged account to run the application
B.Disabling stack protection
C.Stack canaries and NOP sleds
D.Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR)
AnswerD

DEP and ASLR are standard mitigations against memory corruption exploits.

Why this answer

Data Execution Prevention (DEP) prevents code execution on the stack, and Address Space Layout Randomization (ASLR) randomizes memory addresses, making it harder to predict target addresses.

58
MCQmedium

A security architect is evaluating hypervisor security for a multi-tenant cloud environment. Which type of hypervisor is considered more secure because it runs directly on the hardware without a host operating system, reducing the attack surface?

A.Virtual machine monitor
B.Containers
C.Type 1 hypervisor
D.Type 2 hypervisor
AnswerC

Correct. Type 1 has a smaller attack surface.

Why this answer

Type 1 hypervisors (bare-metal) run directly on hardware, eliminating the OS layer that could be exploited. Examples: VMware ESXi, Hyper-V.

59
Multi-Selectmedium

A security architect is designing a system to protect against side-channel attacks that exploit electromagnetic emanations. Which TWO controls are most effective?

Select 2 answers
A.Data encryption at rest
B.TEMPEST shielding
D.Time-based access controls
E.Faraday cage
AnswersB, E

Reduces electromagnetic emanations from equipment.

Why this answer

TEMPEST shielding reduces emanations, and Faraday cages block electromagnetic signals. While physical access control is important, it does not directly address emanations.

60
Multi-Selectmedium

An organization is implementing a defense-in-depth strategy for a data center. Which THREE of the following are examples of physical security controls that align with layered defense?

Select 3 answers
A.Antivirus software
C.Card reader at building entrance
D.Server cage locks
E.Perimeter fencing
AnswersC, D, E

Correct. Card readers control access at the building layer.

Why this answer

Layered physical security includes perimeter fencing, building access controls (e.g., card readers), and internal secure areas (e.g., server cages).
