712-50 Free Practice Test

- (Exam Topic 2)
The CIO of an organization has decided to assign the responsibility of internal IT audit to the IT team. This is consider a bad practice MAINLY because

1. A. The IT team is not familiar in IT audit practices
2. B. This represents a bad implementation of the Least Privilege principle
3. C. This represents a conflict of interest
4. D. The IT team is not certified to perform audits

Correct Answer: C

- (Exam Topic 5)
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
Which of the following is the FIRST action the CISO will perform after receiving the audit report?

1. A. Inform peer executives of the audit results
2. B. Validate gaps and accept or dispute the audit findings
3. C. Create remediation plans to address program gaps
4. D. Determine if security policies and procedures are adequate

Correct Answer: B

- (Exam Topic 5)
The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management you determine that the project correctly aligns with the company goals.
Which of the following needs to be performed NEXT?

1. A. Verify the scope of the project
2. B. Verify the regulatory requirements
3. C. Verify technical resources
4. D. Verify capacity constraints

Correct Answer: A

- (Exam Topic 6)
A Security Operations (SecOps) Manager is considering implementing threat hunting to be able to make better decisions on protecting information and assets.
What is the MAIN goal of threat hunting to the SecOps Manager?

1. A. Improve discovery of valid detected events
2. B. Enhance tuning of automated tools to detect and prevent attacks
3. C. Replace existing threat detection strategies
4. D. Validate patterns of behavior related to an attack

Correct Answer: A
Reference:
https://www.techtarget.com/searchsecurity/feature/7-SecOps-roles-and-responsibilities-for-the-modern-enterpris

- (Exam Topic 6)
Which of the following strategies provides the BEST response to a ransomware attack?

1. A. Real-time off-site replication
2. B. Daily incremental backup
3. C. Daily full backup
4. D. Daily differential backup

Correct Answer: B