512-50 Questions and Answers

When choosing a risk mitigation method what is the MOST important factor?

Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?

A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?

Which of the following is a benefit of a risk-based approach to audit planning?

Which of the following is the MOST logical method of deploying security controls within an organization?

Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?

You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has on going. You discover that most projects are behind schedule and over budget.

Using the best business practices for project management you determine that the project correctly aligns with the company goals and the scope of the project is correct. What is the NEXT step?

A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.

Which of the following would negatively impact a log analysis of a multinational organization?

The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management you determine that the project correctly aligns with the company goals.

Which of the following needs to be performed NEXT?

If the result of an NPV is positive, then the project should be selected. The net present value shows the present

value of the project, based on the decisions taken for its selection. What is the net present value equal to?

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals

the increasing need to address security consistently at the enterprise level. This new CISO, while confident with

skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

From an Information Security Leadership perspective, which of the following is a MAJOR concern about the

CISO’s approach to security?

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

The company decides to release the application without remediating the high-risk vulnerabilities. Which of the following is the MOST likely reason for the company to release the application?

What is the BEST way to achieve on-going compliance monitoring in an organization?

You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

Which of the following should be determined while defining risk management strategies?

Which of the following backup sites takes the longest recovery time?

Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?

Which of the following is the MAIN security concern for public cloud computing?

A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment. What is this system capability commonly known as?

The process of identifying and classifying assets is typically included in the

What is the term describing the act of inspecting all real-time Internet traffic (i.e., packets) traversing a major Internet backbone without introducing any apparent latency?

Which of the following is a symmetric encryption algorithm?

Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

How can you reduce the administrative burden of distributing symmetric keys for your employer?

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his

assessment, the consultant goes to the company’s building dressed like an electrician and waits in the lobby for

an employee to pass through the main access gate, then the consultant follows the employee behind to get into

the restricted area. Which type of attack did the consultant perform?

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

Symmetric encryption in general is preferable to asymmetric encryption when:

When project costs continually increase throughout implementation due to large or rapid changes in customer

or user requirements, this is commonly known as:

Which of the following is considered one of the most frequent failures in project management?

When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?

Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

Which of the following provides an audit framework?

Risk that remains after risk mitigation is known as

A security officer wants to implement a vulnerability scanning program. The officer is uncertain of the state of vulnerability resiliency within the organization’s large IT infrastructure. What would be the BEST approach to minimize scan data output while retaining a realistic view of system vulnerability?

Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?

Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?

In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:

The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?

The process for identifying, collecting, and producing digital information in support of legal proceedings is called

Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?

Which of the following is a major benefit of applying risk levels?

A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

Which of the following is considered a project versus a managed process?

As the CISO for your company you are accountable for the protection of information resources commensurate with:

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

Which of the following is the MOST important component of any change management process?

With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that the boards provide strategic oversight regarding information and information security, include these four things:

You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

Which of the following is the MOST important goal of risk management?

How often should an environment be monitored for cyber threats, risks, and exposures?

Which of the following is a fundamental component of an audit record?

The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?

Which of the following is considered to be an IT governance framework and a supporting toolset that allows for managers to bridge the gap between control requirements, technical issues, and business risks?