712-50 Free Practice Test

- (Exam Topic 3)
Which of the following best summarizes the primary goal of a security program?

1. A. Provide security reporting to all levels of an organization
2. B. Create effective security awareness to employees
3. C. Manage risk within the organization
4. D. Assure regulatory compliance

Correct Answer: C

- (Exam Topic 2)
Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

1. A. All vulnerabilities found on servers and desktops
2. B. Only critical and high vulnerabilities on servers and desktops
3. C. Only critical and high vulnerabilities that impact important production servers
4. D. All vulnerabilities that impact important production servers

Correct Answer: C

- (Exam Topic 2)
To have accurate and effective information security policies how often should the CISO review the organization policies?

1. A. Every 6 months
2. B. Quarterly
3. C. Before an audit
4. D. At least once a year

Correct Answer: D

- (Exam Topic 6)
During a cyber incident, which non-security personnel might be needed to assist the security team?

1. A. Threat analyst, IT auditor, forensic analyst
2. B. Network engineer, help desk technician, system administrator
3. C. CIO, CFO, CSO
4. D. Financial analyst, payroll clerk, HR manager

Correct Answer: A

- (Exam Topic 2)
As the new CISO at the company you are reviewing the audit reporting process and notice that it includes only detailed technical diagrams. What else should be in the reporting process?

1. A. Executive summary
2. B. Penetration test agreement
3. C. Names and phone numbers of those who conducted the audit
4. D. Business charter

Correct Answer: A