712-50 Free Practice Test

- (Exam Topic 6)
The main purpose of the SOC is:

1. A. An organization which provides Tier 1 support for technology issues and provides escalation when needed
2. B. A distributed organization which provides intelligence to governments and private sectors on cyber-criminal activities
3. C. The coordination of personnel, processes and technology to identify information security events and provide timely response and remediation
4. D. A device which consolidates event logs and provides real-time analysis of security alerts generated by applications and network hardware

Correct Answer: C
Reference: https://www.eccouncil.org/what-is-soc/

- (Exam Topic 1)
From an information security perspective, information that no longer supports the main purpose of the business should be:

1. A. assessed by a business impact analysis.
2. B. protected under the information classification policy.
3. C. analyzed under the data ownership policy.
4. D. analyzed under the retention policy

Correct Answer: D

- (Exam Topic 2)
A Chief Information Security Officer received a list of high, medium, and low impact audit findings. Which of the following represents the BEST course of action?

1. A. If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.
2. B. If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.
3. C. If the findings impact regulatory compliance, remediate the high findings as quickly as possible.
4. D. If the findings do not impact regulatory compliance, review current security controls.

Correct Answer: C

- (Exam Topic 3)
The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

1. A. Provide developer security training
2. B. Deploy Intrusion Detection Systems
3. C. Provide security testing tools
4. D. Implement Compensating Controls

Correct Answer: D

- (Exam Topic 1)
The success of the Chief Information Security Officer is MOST dependent upon:

1. A. favorable audit findings
2. B. following the recommendations of consultants and contractors
3. C. development of relationships with organization executives
4. D. raising awareness of security issues with end users

Correct Answer: C