712-50 Free Practice Test

- (Topic 5)
What is the primary reason for performing a return on investment analysis?

1. A. To decide between multiple vendors
2. B. To decide is the solution costs less than the risk it is mitigating
3. C. To determine the current present value of a project
4. D. To determine the annual rate of loss

Correct Answer: B

- (Topic 2)
Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement’s requirement for uptime?

1. A. Systems logs
2. B. Hardware error reports
3. C. Utilization reports
4. D. Availability reports

Correct Answer: D

- (Topic 1)
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

1. A. When there is a need to develop a more unified incident response capability.
2. B. When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.
3. C. When there is a variety of technologies deployed in the infrastructure.
4. D. When it results in an overall lower cost of operating the security program.

Correct Answer: B

- (Topic 3)
Which of the following can the company implement in order to avoid this type of security issue in the future?

1. A. Network based intrusion detection systems
2. B. A security training program for developers
3. C. A risk management process
4. D. A audit management process

Correct Answer: B

- (Topic 4)
What is the FIRST step in developing the vulnerability management program?

1. A. Baseline the Environment
2. B. Maintain and Monitor
3. C. Organization Vulnerability
4. D. Define Policy

Correct Answer: A