712-50 Free Practice Test

- (Exam Topic 5)
A CISO has implemented a risk management capability within the security portfolio. Which of the following terms best describes this functionality?

1. A. Service
2. B. Program
3. C. Portfolio
4. D. Cost center

Correct Answer: B

- (Exam Topic 5)
Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?

1. A. The Net Present Value (NPV) of the project is positive
2. B. The NPV of the project is negative
3. C. The Return on Investment (ROI) is larger than 10 months
4. D. The ROI is lower than 10 months

Correct Answer: B

- (Exam Topic 1)
Risk appetite directly affects what part of a vulnerability management program?

1. A. Staff
2. B. Scope
3. C. Schedule
4. D. Scan tools

Correct Answer: B

- (Exam Topic 1)
After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD. This is an example of

1. A. Risk Tolerance
2. B. Qualitative risk analysis
3. C. Risk Appetite
4. D. Quantitative risk analysis

Correct Answer: D

- (Exam Topic 5)
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO’s approach to security?

1. A. Lack of risk management process
2. B. Lack of sponsorship from executive management
3. C. IT security centric agenda
4. D. Compliance centric agenda

Correct Answer: C