712-50 Free Practice Test

- (Topic 3)
An organization has a stated requirement to block certain traffic on networks. The
implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in sever revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

1. A. The CISO
2. B. Audit and Compliance
3. C. The CFO
4. D. The business owner

Correct Answer: D

- (Topic 1)
If your organization operates under a model of "assumption of breach", you should:

1. A. Protect all information resource assets equally
2. B. Establish active firewall monitoring protocols
3. C. Purchase insurance for your compliance liability
4. D. Focus your security efforts on high value assets

Correct Answer: :C

- (Topic 2)
The CIO of an organization has decided to assign the responsibility of internal IT audit to the IT team. This is consider a bad practice MAINLY because

1. A. The IT team is not familiar in IT audit practices
2. B. This represents a bad implementation of the Least Privilege principle
3. C. This represents a conflict of interest
4. D. The IT team is not certified to perform audits

Correct Answer: C

- (Topic 1)
Credit card information, medical data, and government records are all examples of:

1. A. Confidential/Protected Information
2. B. Bodily Information
3. C. Territorial Information
4. D. Communications Information

Correct Answer: A

- (Topic 3)
Acme Inc. has engaged a third party vendor to provide 99.999% up-time for their online web presence and had them contractually agree to this service level agreement. What type of risk tolerance is Acme exhibiting? (choose the BEST answer):

1. A. low risk-tolerance
2. B. high risk-tolerance
3. C. moderate risk-tolerance
4. D. medium-high risk-tolerance

Correct Answer: A