712-50 Free Practice Test

- (Exam Topic 2)
An organization is required to implement background checks on all employees with access to databases containing credit card information. This is considered a security

1. A. Procedural control
2. B. Management control
3. C. Technical control
4. D. Administrative control

Correct Answer: B

- (Exam Topic 1)
Which of the following is the MOST important for a CISO to understand when identifying threats?

1. A. How vulnerabilities can potentially be exploited in systems that impact the organization
2. B. How the security operations team will behave to reported incidents
3. C. How the firewall and other security devices are configured to prevent attacks
4. D. How the incident management team prepares to handle an attack

Correct Answer: A

- (Exam Topic 5)
SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization’s needs.
The CISO is unsure of the information provided and orders a vendor proof of concept to validate the system’s scalability. This demonstrates which of the following?

1. A. An approach that allows for minimum budget impact if the solution is unsuitable
2. B. A methodology-based approach to ensure authentication mechanism functions
3. C. An approach providing minimum time impact to the implementation schedules
4. D. A risk-based approach to determine if the solution is suitable for investment

Correct Answer: D

- (Exam Topic 1)
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

1. A. Controlled mitigation effort
2. B. Risk impact comparison
3. C. Relative likelihood of event
4. D. Comparative threat analysis

Correct Answer: C

- (Exam Topic 1)
You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

1. A. Risk Avoidance
2. B. Risk Acceptance
3. C. Risk Transfer
4. D. Risk Mitigation

Correct Answer: C