Topic 1: Governance (Policy, Legal & Compliance)
An organization's firewall technology needs to be replaced. A specific technology has been selected that is less costly than others but lacks some important capabilities. The security officer has voiced concerns about sensitive data breaches, but the decision is made to purchase. What does this selection indicate?
A. A high threat environment
B. A low risk tolerance environment
C. A low vulnerability environment
D. A high risk tolerance environment
A high risk tolerance environment
When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?
A. An independent Governance, Risk and Compliance organization
B. Alignment of security goals with business goals
C. Compliance with local privacy regulations
D. Support from Legal and HR teams
Alignment of security goals with business goals
Which of the following is MOST important when dealing with an Information Security Steering committee?
A. Include a mix of members from different departments and staff levels.
B. Ensure that security policies and procedures have been vetted and approved.
C. Review all past audit and compliance reports.
D. Be briefed about new trends and products at each meeting by a vendor.
Review all past audit and compliance reports.
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
A. Need to comply with breach disclosure laws
B. Need to transfer the risk associated with hosting PII data
C. Need to better understand the risk associated with using PII data
D. Fiduciary responsibility to safeguard credit card information
Need to better understand the risk associated with using PII data
The Information Security Management program MUST protect:
A. all organizational assets
B. critical business processes and/or revenue streams
C. intellectual property released into the public domain
D. against distributed denial of service attacks
critical business processes and/or revenue streams