Our pass rate is as high as 98.9%, and the similarity between our 712-50 study guide and the real exam is 90%, based on our seven years of teaching experience. Do you want to pass the EC-Council 712-50 exam in just one try? I am currently studying for the EC-Council 712-50 exam. Latest EC-Council 712-50 exam practice questions and answers; try the EC-Council 712-50 brain dumps first.

Free demo questions for EC-Council 712-50 Exam Dumps Below:

NEW QUESTION 1

Ensuring that the actions of a set of people, applications and systems follow the organization’s rules is BEST described as:

  • A. Risk management
  • B. Security management
  • C. Mitigation management
  • D. Compliance management

Answer: D

NEW QUESTION 2

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
Recently, members of your organization have been targeted through a number of sophisticated phishing attempts and have compromised their system credentials. What action can you take to prevent the misuse of compromised credentials to change bank account information from outside your organization while still allowing employees to manage their bank information?

  • A. Turn off VPN access for users originating from outside the country
  • B. Enable monitoring on the VPN for suspicious activity
  • C. Force a change of all passwords
  • D. Block access to the Employee Self-Service application via VPN

Answer: D

NEW QUESTION 3

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
What action should you take FIRST?

  • A. Destroy the repository of stolen data
  • B. Contact your local law enforcement agency
  • C. Consult with other C-Level executives to develop an action plan
  • D. Contract with a credit reporting company for paid monitoring services for affected customers

Answer: C

NEW QUESTION 4

A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

  • A. The software license expiration is probably out of synchronization with other software licenses
  • B. The project was initiated without an effort to get support from impacted business units in the organization
  • C. The software is out of date and does not provide for a scalable solution across the enterprise
  • D. The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Answer: B

NEW QUESTION 5

You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

  • A. Deploy a SIEM solution and have current staff review incidents first thing in the morning
  • B. Contract with a managed security provider and have current staff on recall for incident response
  • C. Configure your syslog to send SMS messages to current staff when target events are triggered
  • D. Employ an assumption of breach protocol and defend only essential information resources

Answer: B

NEW QUESTION 6

SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally thought and will not fit the organization’s needs.
What is the MOST logical course of action the CISO should take?

  • A. Review the original solution set to determine if another system would fit the organization’s risk appetite and budget/regulatory compliance requirements
  • B. Continue with the implementation and submit change requests to the vendor in order to ensure required functionality will be provided when needed
  • C. Continue with the project until the scalability issue is validated by others, such as an auditor or third party assessor
  • D. Cancel the project if the business need was based on internal requirements versus regulatory compliance requirements

Answer: A

NEW QUESTION 7

A stakeholder is a person or group:

  • A. Vested in the success and/or failure of a project or initiative regardless of budget implications.
  • B. Vested in the success and/or failure of a project or initiative and is tied to the project budget.
  • C. That has budget authority.
  • D. That will ultimately use the system.

Answer: A

NEW QUESTION 8

Which of the following is a critical operational component of an Incident Response Program (IRP)?

  • A. Weekly program budget reviews to ensure the percentage of program funding remains constant.
  • B. Annual review of program charters, policies, procedures and organizational agreements.
  • C. Daily monitoring of vulnerability advisories relating to your organization’s deployed technologies.
  • D. Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization

Answer: C

NEW QUESTION 9

When analyzing and forecasting an operating expense budget, which of the following is not included?

  • A. Software and hardware license fees
  • B. Utilities and power costs
  • C. Network connectivity costs
  • D. New datacenter to operate from

Answer: D

NEW QUESTION 10

You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?

  • A. Execute
  • B. Read
  • C. Administrator
  • D. Public

Answer: D

NEW QUESTION 11

Which of the following is a countermeasure to prevent unauthorized database access from web applications?

  • A. Session encryption
  • B. Removing all stored procedures
  • C. Input sanitization
  • D. Library control

Answer: C

NEW QUESTION 12

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?

  • A. Have internal audit conduct another audit to see what has changed.
  • B. Contract with an external audit company to conduct an unbiased audit
  • C. Review the recommendations and follow up to see if audit implemented the changes
  • D. Meet with audit team to determine a timeline for corrections

Answer: C

NEW QUESTION 13

Which wireless encryption technology makes use of temporal keys?

  • A. Wireless Application Protocol (WAP)
  • B. Wi-Fi Protected Access version 2 (WPA2)
  • C. Wired Equivalent Privacy (WEP)
  • D. Extensible Authentication Protocol (EAP)

Answer: B

NEW QUESTION 14

The executive board has requested that the CISO of an organization define Key Performance Indicators (KPIs) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?

  • A. Number of callers who report security issues.
  • B. Number of callers who report a lack of customer service from the call center
  • C. Number of successful social engineering attempts on the call center
  • D. Number of callers who abandon the call before speaking with a representative

Answer: C

NEW QUESTION 15

When managing the critical path of an IT security project, which of the following is MOST important?

  • A. Knowing who all the stakeholders are.
  • B. Knowing the people on the data center team.
  • C. Knowing the threats to the organization.
  • D. Knowing the milestones and timelines of deliverables.

Answer: D

NEW QUESTION 16

When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?

  • A. How many credit card records are stored?
  • B. How many servers do you have?
  • C. What is the scope of the certification?
  • D. What is the value of the assets at risk?

Answer: C

NEW QUESTION 17

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses personally identifiable information (PII) as part of its business models and processes?

  • A. Need to comply with breach disclosure laws
  • B. Need to transfer the risk associated with hosting PII data
  • C. Need to better understand the risk associated with using PII data
  • D. Fiduciary responsibility to safeguard credit card information

Answer: C

NEW QUESTION 18

Which of the following activities must be completed BEFORE you can calculate risk?

  • A. Determining the likelihood that vulnerable systems will be attacked by specific threats
  • B. Calculating the risks to which assets are exposed in their current setting
  • C. Assigning a value to each information asset
  • D. Assessing the relative risk facing the organization’s information assets

Answer: C

NEW QUESTION 19

An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program. What type of control has been effectively utilized?

  • A. Management Control
  • B. Technical Control
  • C. Training Control
  • D. Operational Control

Answer: D

NEW QUESTION 20

What is the primary reason for performing a return on investment analysis?

  • A. To decide between multiple vendors
  • B. To decide if the solution costs less than the risk it is mitigating
  • C. To determine the current present value of a project
  • D. To determine the annual rate of loss

Answer: B

NEW QUESTION 21

When a CISO considers delaying or not remediating system vulnerabilities, which of the following are MOST important to take into account?

  • A. Threat Level, Risk of Compromise, and Consequences of Compromise
  • B. Risk Avoidance, Threat Level, and Consequences of Compromise
  • C. Risk Transfer, Reputational Impact, and Consequences of Compromise
  • D. Reputational Impact, Financial Impact, and Risk of Compromise

Answer: A

NEW QUESTION 22

Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.
Which of the following industry / sector neutral information security control frameworks should you recommend for implementation?

  • A. National Institute of Standards and Technology (NIST) Special Publication 800-53
  • B. Payment Card Industry Data Security Standard (PCI DSS)
  • C. International Organization for Standardization – ISO 27001/2
  • D. British Standard 7799 (BS7799)

Answer: C

NEW QUESTION 23

Which of the following is the MOST important reason to measure the effectiveness of an Information Security Management System (ISMS)?

  • A. Meet regulatory compliance requirements
  • B. Better understand the threats and vulnerabilities affecting the environment
  • C. Better understand strengths and weaknesses of the program
  • D. Meet legal requirements

Answer: C

NEW QUESTION 24

As a new CISO at a large healthcare company you are told that everyone has to badge in to get in the building. Below your office window you notice a door that is normally propped open during the day for groups of people to take breaks outside. Upon looking closer you see there is no badge reader. What should you do?

  • A. Nothing, this falls outside your area of influence.
  • B. Close and chain the door shut and send a company-wide memo banning the practice.
  • C. Have a risk assessment performed.
  • D. Post a guard at the door to maintain physical security

Answer: C

NEW QUESTION 25

The regular review of a firewall ruleset is considered a

  • A. Procedural control
  • B. Organization control
  • C. Technical control
  • D. Management control

Answer: A

NEW QUESTION 26

The success of the Chief Information Security Officer is MOST dependent upon:

  • A. favorable audit findings
  • B. following the recommendations of consultants and contractors
  • C. development of relationships with organization executives
  • D. raising awareness of security issues with end users

Answer: C

NEW QUESTION 27

When creating contractual agreements and procurement processes why should security requirements be included?

  • A. To make sure they are added on after the process is completed
  • B. To make sure the costs of security are included and understood
  • C. To make sure the security process aligns with the vendor’s security process
  • D. To make sure the patching process is included with the costs

Answer: B

NEW QUESTION 28

The single most important consideration to make when developing your security program, policies, and processes is:

  • A. Budgeting for unforeseen data compromises
  • B. Streamlining for efficiency
  • C. Alignment with the business
  • D. Establishing your authority as the Security Executive

Answer: C

NEW QUESTION 29

Human resource planning for security professionals in your organization is a:

  • A. Simple and easy task because the threats are getting easier to find and correct.
  • B. Training requirement that is met through once every year user training.
  • C. Training requirement that is on-going and always changing.
  • D. Not needed because automation and anti-virus software have eliminated the threats.

Answer: C

NEW QUESTION 30

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
What type of control is being implemented by supervisors and data owners?

  • A. Management
  • B. Operational
  • C. Technical
  • D. Administrative

Answer: B

NEW QUESTION 31
......

P.S. Downloadfreepdf.net is now offering 100% pass-guaranteed 712-50 dumps! All 712-50 exam questions have been updated with correct answers: https://www.downloadfreepdf.net/712-50-pdf-download.html (343 New Questions)