Free Information Security Manager Exam 512-50 Exam Practice Test

An organization is looking for a framework to measure the efficiency and effectiveness of their Information Security Management System. Which of the following international standards can BEST assist this organization?

• International Organization for Standardizations – 27004 (ISO-27004)
• Payment Card Industry Data Security Standards (PCI-DSS)
• Control Objectives for Information Technology (COBIT)
• International Organization for Standardizations – 27005 (ISO-27005)

Which International Organization for Standardization (ISO) below BEST describes the performance of risk management, and includes a five-stage risk management methodology.

• ISO 27001
• ISO 27002
• ISO 27004
• ISO 27005

Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?

• Security administrators
• Security mangers
• Security technicians
• Security analysts

When creating contractual agreements and procurement processes why should security requirements be included?

• To make sure they are added on after the process is completed
• To make sure the costs of security is included and understood
• To make sure the security process aligns with the vendor’s security process
• To make sure the patching process is included with the costs

Involvement of senior management is MOST important in the development of:

• IT security implementation plans.
• Standards and guidelines.
• IT security policies.
• IT security procedures.

Which of the following information may be found in table top exercises for incident response?

• Security budget augmentation
• Process improvements
• Real-time to remediate
• Security control selection

The effectiveness of an audit is measured by?

• The number of actionable items in the recommendations
• How it exposes the risk tolerance of the company
• How the recommendations directly support the goals of the company
• The number of security controls the company has in use

Which of the following has the GREATEST impact on the implementation of an information security governance model?

• Organizational budget
• Distance between physical locations
• Number of employees
• Complexity of organizational structure

An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.

• Install software patch, Operate system, Maintain system
• Discover software, Remove affected software, Apply software patch
• Install software patch, configuration adjustment, Software Removal
• Software removal, install software patch, maintain system

Which of the following is the PRIMARY purpose of International Organization for Standardization (ISO) 27001?

• Use within an organization to formulate security requirements and objectives
• Implementation of business-enabling information security
• Use within an organization to ensure compliance with laws and regulations
• To enable organizations that adopt it to obtain certifications