Topic 1: Governance (Policy, Legal & Compliance)
Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?
A. Strong authentication technologies
B. Financial reporting regulations
C. Credit card compliance and regulations
D. Local privacy laws
Local privacy laws
When dealing with a risk management process, asset classification is important because it will impact the overall:
A. Threat identification
B. Risk monitoring
C. Risk treatment
D. Risk tolerance
Risk treatment
According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?
A. Susceptibility to attack, mitigation response time, and cost
B. Attack vectors, controls cost, and investigation staffing needs
C. Vulnerability exploitation, attack recovery, and mean time to repair
D. Susceptibility to attack, expected duration of attack, and mitigation availability
Susceptibility to attack, mitigation response time, and cost
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?
A. International Organization for Standardization – 22301 (ISO-22301)
B. Information Technology Infrastructure Library (ITIL)
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. International Organization for Standardization – 27005 (ISO-27005)
International Organization for Standardization – 22301 (ISO-22301)
Who in the organization determines access to information?
A. Legal department
B. Compliance officer
C. Data Owner
D. Information security officer
Data Owner