Free Chief Information Security Officer 712-50 Exam Practice Test

Providing oversight of a comprehensive information security program for the entire organization is the primary responsibility of which group under the InfoSec governance framework?A . Senior ExecutivesB . Office of the AuditorC . Office of the General CounselD . All employees and users

Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?A . Comprehensive Log-Files from all servers and network devices affected during the attackB . Fully trained network forensic experts to analyze all data right after the attackC . Uninterrupted Chain of CustodyD . Expert forensics witness

Which of the following are the MOST important factors for proactively determining system vulnerabilities?A . Subscribe to vendor mailing list to get notification of system vulnerabilitiesB . Deploy Intrusion Detection System (IDS) and install anti-virus on systemsC . Configure firewall, perimeter router and Intrusion Prevention System (IPS)D . Conduct security testing, vulnerability scanning, and penetration testing

Which of the following best describes an access control process that confirms the identity of the entity seeking access to a logical or physical area?A . IdentificationB . AuthorizationC . AuthenticationD . Accountability

What is the BEST reason for having a formal request for proposal process?A . Creates a timeline for purchasing and budgetingB . Allows small companies to compete with larger companiesC . Clearly identifies risks and benefits before funding is spentD . Informs suppliers a company is going to make a purchase

Your IT auditor is reviewing significant events from the previous year and has identified some procedural oversights. Which of the following would be the MOST concerning?A . Lack of notification to the public of disclosure of confidential information.B . Lack of periodic examination of access rightsC . Failure to notify police of an attempted intrusionD . Lack of reporting of a successful denial of service attack on the network.

The exposure factor of a threat to your organization is defined by?A . Asset value times exposure factorB . Annual rate of occurrenceC . Annual loss expectancy minus current cost of controlsD . Percentage of loss experienced due to a realized threat event

Which of the following intellectual Property components is focused on maintaining brand recognition?A . TrademarkB . PatentC . Research LogsD . Copyright

Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization's products and services?A . Strong authentication technologiesB . Financial reporting regulationsC . Credit card compliance and regulationsD . Local privacy laws

A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization's need?A . International Organization for Standardizations -- 22301 (ISO-22301)B . Information Technology Infrastructure Library (ITIL)C . Payment Card Industry Data Security Standards (PCI-DSS)D . International Organization for Standardizations -- 27005 (ISO-27005)