712-50 Free Practice Test

- (Exam Topic 1)
A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

1. A. Providing a risk program governance structure
2. B. Ensuring developers include risk control comments in code
3. C. Creating risk assessment templates based on specific threats
4. D. Allowing for the acceptance of risk for regulatory compliance requirements

Correct Answer: A

- (Exam Topic 6)
What is a Statement of Objectives (SOA)?

1. A. A section of a contract that defines tasks to be performed under said contract
2. B. An outline of what the military will do during war
3. C. A document that outlines specific desired outcomes as part of a request for proposal
4. D. Business guidance provided by the CEO

Correct Answer: A

- (Exam Topic 1)
When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

1. A. An independent Governance, Risk and Compliance organization
2. B. Alignment of security goals with business goals
3. C. Compliance with local privacy regulations
4. D. Support from Legal and HR teams

Correct Answer: B

- (Exam Topic 3)
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified insecure configuration different from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?

1. A. Lack of asset management processes
2. B. Lack of change management processes
3. C. Lack of hardening standards
4. D. Lack of proper access controls

Correct Answer: B

- (Exam Topic 4)
SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:

1. A. ‘ o 1=1 -
2. B. /../../../../
3. C. “DROPTABLE USERNAME”
4. D. NOPS

Correct Answer: A