712-50 Free Practice Test

- (Topic 4)
The process of creating a system which divides documents based on their security level to manage access to private data is known as

1. A. security coding
2. B. data security system
3. C. data classification
4. D. privacy protection

Correct Answer: C

- (Topic 1)
In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?

1. A. High risk environments 6 months, low risk environments 12 months
2. B. Every 12 months
3. C. Every 18 months
4. D. Every six months

Correct Answer: B

- (Topic 5)
Which of the following is MOST useful when developing a business case for security initiatives?

1. A. Budget forecasts
2. B. Request for proposals
3. C. Cost/benefit analysis
4. D. Vendor management

Correct Answer: C

- (Topic 1)
What role should the CISO play in properly scoping a PCI environment?

1. A. Validate the business units’ suggestions as to what should be included in the scoping process
2. B. Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment
3. C. Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data
4. D. Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope

Correct Answer: :C

- (Topic 1)
What is the definition of Risk in Information Security?

1. A. Risk = Probability x Impact
2. B. Risk = Threat x Probability
3. C. Risk = Financial Impact x Probability
4. D. Risk = Impact x Threat

Correct Answer: A