712-50 Free Practice Test

- (Topic 2)
To have accurate and effective information security policies how often should the CISO review the organization policies?

1. A. Every 6 months
2. B. Quarterly
3. C. Before an audit
4. D. At least once a year

Correct Answer: D

- (Topic 1)
When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?

1. A. The asset owner
2. B. The asset manager
3. C. The data custodian
4. D. The project manager

Correct Answer: :A

- (Topic 5)
The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

1. A. Security certification
2. B. Security system analysis
3. C. Security accreditation
4. D. Alignment with business practices and goals.

Correct Answer: C

- (Topic 3)
Which of the following are not stakeholders of IT security projects?

1. A. Board of directors
2. B. Third party vendors
3. C. CISO
4. D. Help Desk

Correct Answer: B

- (Topic 1)
What is the relationship between information protection and regulatory compliance?

1. A. That all information in an organization must be protected equally.
2. B. The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.
3. C. That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.
4. D. There is no relationship between the two.

Correct Answer: C