CISSP DOMAIN 05: Identity And Access Management (Practice Questions)

CISSP Domain 5: This domain focuses on granting and revoking privileges to access data or perform actions on systems. It encompasses identification, authentication, authorization, and accountability to ensure that the right entities have appropriate access to resources. This domain is critical for maintaining secure and efficient access control systems within an organization.

Domain 05: Practice Set 01

Disclaimer: The practice exam questions provided are representative of the certification exam, but not the actual questions you will see on the certification exam. Practice exams are for self-assessment.


1. What is the primary purpose of access control in an information security environment?
2. Which of the following is an example of two-factor authentication?
3. What is the principle of least privilege?
4. Which of the following best describes Role-Based Access Control (RBAC)?
5. Which of the following protocols is commonly used for directory services and can be used to implement Single Sign-On (SSO)?


6. What is the purpose of a user provisioning process?
7. Which of the following is considered a logical access control mechanism?
8. What is the main advantage of implementing Single Sign-On (SSO)?
9. Which access control model is based on the sensitivity of information and clearance level of subjects?
10. Which of the following best describes an identity federation?


11. What type of access control is typically used by firewalls?
12. When you input a user ID and password, you are performing what important identity and access management activity?
13. Google’s identity integration with a variety of organizations and applications across domains is an example of which of the following?
14. Amanda starts at her new job and finds that she has access to a variety of systems that she does not need to accomplish her job. What problem has she encountered?
15. What authentication technology can be paired with OAuth to perform identity verification and obtain user profile information using a RESTful API?


16. What is the primary purpose of Single Sign-On (SSO) in an enterprise environment?
17. Which of the following is NOT a characteristic of Role-Based Access Control (RBAC)?
18. What is the main advantage of implementing multi-factor authentication (MFA)?
19. Which access control model is primarily used to enforce security policies within government and military environments?
20. What is the purpose of an Identity Provider (IdP) in federated identity management?


21. Which of the following is a common vulnerability associated with password-based authentication systems?
22. Which of the following best describes the purpose of an audit trail in an identity and access management system?
23. What type of attack involves an attacker gaining unauthorized access by using another person's credentials?
24. Which of the following is an example of discretionary access control (DAC)?
25. What is the primary function of a directory service in identity and access management?


26. Which of the following is a characteristic of a strong password policy?
27. What is the purpose of an identity federation in a cloud environment?
28. Which of the following is a common method for implementing access control lists (ACLs)?
29. What is a major benefit of implementing multi-factor authentication (MFA)?
30. Which of the following describes a challenge-response authentication mechanism?


31. What is the primary purpose of a security token in an authentication system?
32. When Chris verifies an individual’s identity and adds a unique identifier like a user ID to an identity system, what process has occurred?
33. Jim wants to implement an access control scheme that will ensure that users cannot delegate access. He also wants to enforce access control at the operating system level. What access control mechanism best fits these requirements?
34. NAC’s posturing capability determines if a system is sufficiently secure and compliant enough to connect to a network. This is a form of what type of access control?
35. What principle ensures that a user only has access to the information and resources necessary for their role?


36. Which access control model is based on the job function of the user?
37. Which of the following describes "Just-In-Time (JIT) provisioning"?
38. In the context of identity and access management, what does the term "provisioning" refer to?
39. Which of the following best describes an identity federation?
40. Which of the following mechanisms is used to ensure that a user can be held accountable for their actions in an information system?


41. What is the primary benefit of using biometric authentication methods?
42. In access control models, what is the main purpose of the "separation of duties" principle?
43. What is the primary role of an Access Control List (ACL) in an information system?
44. What type of access control model uses rules that can include the attributes of users, resources, and the environment?
45. Which of the following best describes the concept of "separation of duties"?


46. What is an example of an attribute-based access control (ABAC) system?
47. Which of the following is a benefit of using a centralized identity and access management (IAM) system?
48. What is the main purpose of using a Public Key Infrastructure (PKI) in identity management?
49. What is a common method for implementing least privilege access control?
50. Which of the following authentication factors is considered "something you have"?