712-50 Free Practice Test

- (Topic 1)
Ensuring that the actions of a set of people, applications and systems follow the organization’s rules is BEST described as:

1. A. Risk management
2. B. Security management
3. C. Mitigation management
4. D. Compliance management

Correct Answer: D

- (Topic 1)
An organization has defined a set of standard security controls. This organization has also defined the circumstances and conditions in which they must be applied. What is the NEXT logical step in applying the controls in the organization?

1. A. Determine the risk tolerance
2. B. Perform an asset classification
3. C. Create an architecture gap analysis
4. D. Analyze existing controls on systems

Correct Answer: B

- (Topic 4)
What type of attack requires the least amount of technical equipment and has the highest success rate?

1. A. War driving
2. B. Operating system attacks
3. C. Social engineering
4. D. Shrink wrap attack

Correct Answer: C

- (Topic 4)
The process of identifying and classifying assets is typically included in the

1. A. Threat analysis process
2. B. Asset configuration management process
3. C. Business Impact Analysis
4. D. Disaster Recovery plan

Correct Answer: C

- (Topic 5)
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has implemented remediation activities. Which of the following is the MOST logical next step?

1. A. Validate the effectiveness of applied controls
2. B. Validate security program resource requirements
3. C. Report the audit findings and remediation status to business stake holders
4. D. Review security procedures to determine if they need modified according to findings

Correct Answer: A