Access Control — CISSP Practice Questions
Access control is the collection of mechanisms that restrict who or what can view, use, or modify resources within a system, and it underpins nearly every domain of the CISSP Common Body of Knowledge. The exam tests candidates on the three components of access control (identification, authentication, and authorization) as well as the administrative, physical, and technical control categories. Understanding how access control supports the principles of least privilege and need-to-know is essential for answering scenario-based questions. Candidates must also recognize how access control failures lead to breaches and how layered controls compensate for individual weaknesses.
Free questions on access control
What is Defense in Depth?
Free question · medium · full answer + explanation
What is the principle of least privilege?
Free question · easy · full answer + explanation
More access control questions in the full bank
- Which control mechanism ensures that individuals who pose risk to security are prevented from accessing systems?
- A system should deny access by default and only grant what is explicitly needed. Which principle is this?
- An organization uses cloud storage for sensitive business data. What control reduces the risk of unauthorized access?