712-50 Free Practice Test

- (Topic 3)
A person in your security team calls you at night and informs you that one of your web applications is potentially under attack from a cross-site scripting vulnerability. What do you do?

1. A. tell him to shut down the server
2. B. tell him to call the police
3. C. tell him to invoke the incident response process
4. D. tell him to analyze the problem, preserve the evidence and provide a full analysis and report

Correct Answer: C

- (Topic 2)
Dataflow diagrams are used by IT auditors to:

1. A. Order data hierarchically.
2. B. Highlight high-level data definitions.
3. C. Graphically summarize data paths and storage processes.
4. D. Portray step-by-step details of data generation.

Correct Answer: C

- (Topic 2)
Which of the following is considered to be an IT governance framework and a supporting
toolset that allows for managers to bridge the gap between control requirements, technical issues, and business risks?

1. A. Control Objective for Information Technology (COBIT)
2. B. Committee of Sponsoring Organizations (COSO)
3. C. Payment Card Industry (PCI)
4. D. Information Technology Infrastructure Library (ITIL)

Correct Answer: A

- (Topic 1)
The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems
addressing low, moderate, and high levels of concern for

1. A. Confidentiality, Integrity and Availability
2. B. Assurance, Compliance and Availability
3. C. International Compliance
4. D. Integrity and Availability

Correct Answer: A

- (Topic 4)
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?

1. A. Comprehensive Log-Files from all servers and network devices affected during the attack
2. B. Fully trained network forensic experts to analyze all data right after the attack
3. C. Uninterrupted Chain of Custody
4. D. Expert forensics witness

Correct Answer: C