712-50 Free Practice Test

- (Exam Topic 1)
If your organization operates under a model of "assumption of breach", you should:

1. A. Protect all information resource assets equally
2. B. Establish active firewall monitoring protocols
3. C. Purchase insurance for your compliance liability
4. D. Focus your security efforts on high value assets

Correct Answer: C

- (Exam Topic 1)
Within an organization’s vulnerability management program, who has the responsibility to implement remediation actions?

1. A. Security officer
2. B. Data owner
3. C. Vulnerability engineer
4. D. System administrator

Correct Answer: D

- (Exam Topic 5)
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
Recently, members of your organization have been targeted through a number of sophisticated phishing attempts and have compromised their system credentials. What action can you take to prevent the misuse of compromised credentials to change bank account information from outside your organization while still allowing employees to manage their bank information?

1. A. Turn off VPN access for users originating from outside the country
2. B. Enable monitoring on the VPN for suspicious activity
3. C. Force a change of all passwords
4. D. Block access to the Employee-Self Service application via VPN

Correct Answer: D

- (Exam Topic 1)
You have recently drafted a revised information security policy. From whom should you seek endorsement in order to have the GREATEST chance for adoption and implementation throughout the entire organization?

1. A. Chief Information Security Officer
2. B. Chief Executive Officer
3. C. Chief Information Officer
4. D. Chief Legal Counsel

Correct Answer: B

- (Exam Topic 6)
Which of the following statements below regarding Key Performance indicators (KPIs) are true?

1. A. Development of KPI’s are most useful when done independently
2. B. They are a strictly quantitative measure of success
3. C. They should be standard throughout the organization versus domain-specific so they are more easily correlated
4. D. They are a strictly qualitative measure of success

Correct Answer: A
Reference: https://kpi.org/KPI-Basics/KPI-Development