712-50 Free Practice Test

- (Topic 3)
A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?

1. A. Poor audit support for the security program
2. B. A lack of executive presence within the security program
3. C. Poor alignment of the security program to business needs
4. D. This is normal since business units typically resist security requirements

Correct Answer: C

- (Topic 3)
A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

1. A. The software license expiration is probably out of synchronization with other software licenses
2. B. The project was initiated without an effort to get support from impacted business units in the organization
3. C. The software is out of date and does not provide for a scalable solution across the enterprise
4. D. The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Correct Answer: B

- (Topic 4)
As a CISO you need to understand the steps that are used to perform an attack against a network. Put each step into the correct order.
1.Covering tracks 2.Scanning and enumeration 3.Maintaining Access 4.Reconnaissance
5.Gaining Access

1. A. 4, 2, 5, 3, 1
2. B. 2, 5, 3, 1, 4
3. C. 4, 5, 2, 3, 1
4. D. 4, 3, 5, 2, 1

Correct Answer: A

- (Topic 3)
When is an application security development project complete?

1. A. When the application is retired.
2. B. When the application turned over to production.
3. C. When the application reaches the maintenance phase.
4. D. After one year.

Correct Answer: A

- (Topic 1)
A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

1. A. Providing a risk program governance structure
2. B. Ensuring developers include risk control comments in code
3. C. Creating risk assessment templates based on specific threats
4. D. Allowing for the acceptance of risk for regulatory compliance requirements

Correct Answer: A