March Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

512-50 Questions and Answers

Question # 6

When choosing a risk mitigation method what is the MOST important factor?

A.

Approval from the board of directors

B.

Cost of the mitigation is less than the risk

C.

Metrics of mitigation method success

D.

Mitigation method complies with PCI regulations

Full Access
Question # 7

Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?

A.

Plan-Check-Do-Act

B.

Plan-Do-Check-Act

C.

Plan-Select-Implement-Evaluate

D.

SCORE (Security Consensus Operational Readiness Evaluation)

Full Access
Question # 8

A Security Operations Centre (SOC) manager is informed that a database containing highly sensitive corporate strategy information is under attack. Information has been stolen and the database server was disconnected. Who must be informed of this incident?

A.

Internal audit

B.

The data owner

C.

All executive staff

D.

Government regulators

Full Access
Question # 9

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?

A.

Have internal audit conduct another audit to see what has changed.

B.

Contract with an external audit company to conduct an unbiased audit

C.

Review the recommendations and follow up to see if audit implemented the changes

D.

Meet with audit team to determine a timeline for corrections

Full Access
Question # 10

Which of the following is a benefit of a risk-based approach to audit planning?

A.

Resources are allocated to the areas of the highest concern

B.

Scheduling may be performed months in advance

C.

Budgets are more likely to be met by the IT audit staff

D.

Staff will be exposed to a variety of technologies

Full Access
Question # 11

Which of the following is the MOST logical method of deploying security controls within an organization?

A.

Obtain funding for all desired controls and then create project plans for implementation

B.

Apply the simpler controls as quickly as possible and use a risk-based approach for the more difficult and

costly controls

C.

Apply the least costly controls to demonstrate positive program activity

D.

Obtain business unit buy-in through close communication and coordination

Full Access
Question # 12

Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?

A.

The Net Present Value (NPV) of the project is positive

B.

The NPV of the project is negative

C.

The Return on Investment (ROI) is larger than 10 months

D.

The ROI is lower than 10 months

Full Access
Question # 13

You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has on going. You discover that most projects are behind schedule and over budget.

Using the best business practices for project management you determine that the project correctly aligns with the company goals and the scope of the project is correct. What is the NEXT step?

A.

Review time schedules

B.

Verify budget

C.

Verify resources

D.

Verify constraints

Full Access
Question # 14

A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.

A.

Moderate investment

B.

Passive monitoring

C.

Integrated security controls

D.

Dynamic deception

Full Access
Question # 15

Which of the following would negatively impact a log analysis of a multinational organization?

A.

Centralized log management

B.

Encrypted log files in transit

C.

Each node set to local time

D.

Log aggregation agent each node

Full Access
Question # 16

The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management you determine that the project correctly aligns with the company goals.

Which of the following needs to be performed NEXT?

A.

Verify the scope of the project

B.

Verify the regulatory requirements

C.

Verify technical resources

D.

Verify capacity constraints

Full Access
Question # 17

If the result of an NPV is positive, then the project should be selected. The net present value shows the present

value of the project, based on the decisions taken for its selection. What is the net present value equal to?

A.

Net profit – per capita income

B.

Total investment – Discounted cash

C.

Average profit – Annual investment

D.

Initial investment – Future value

Full Access
Question # 18

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals

the increasing need to address security consistently at the enterprise level. This new CISO, while confident with

skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.

From an Information Security Leadership perspective, which of the following is a MAJOR concern about the

CISO’s approach to security?

A.

Compliance centric agenda

B.

IT security centric agenda

C.

Lack of risk management process

D.

Lack of sponsorship from executive management

Full Access
Question # 19

The organization does not have the time to remediate the vulnerability; however it is critical to release the application. Which of the following needs to be further evaluated to help mitigate the risks?

A.

Provide developer security training

B.

Deploy Intrusion Detection Systems

C.

Provide security testing tools

D.

Implement Compensating Controls

Full Access
Question # 20

The company decides to release the application without remediating the high-risk vulnerabilities. Which of the following is the MOST likely reason for the company to release the application?

A.

The company lacks a risk management process

B.

The company does not believe the security vulnerabilities to be real

C.

The company has a high risk tolerance

D.

The company lacks the tools to perform a vulnerability assessment

Full Access
Question # 21

What is the BEST way to achieve on-going compliance monitoring in an organization?

A.

Only check compliance right before the auditors are scheduled to arrive onsite.

B.

Outsource compliance to a 3rd party vendor and let them manage the program.

C.

Have Compliance and Information Security partner to correct issues as they arise.

D.

Have Compliance direct Information Security to fix issues after the auditors report.

Full Access
Question # 22

You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

A.

Risk Avoidance

B.

Risk Acceptance

C.

Risk Transfer

D.

Risk Mitigation

Full Access
Question # 23

Which of the following should be determined while defining risk management strategies?

A.

Organizational objectives and risk tolerance

B.

Risk assessment criteria

C.

IT architecture complexity

D.

Enterprise disaster recovery plans

Full Access
Question # 24

Which of the following backup sites takes the longest recovery time?

A.

Cold site

B.

Hot site

C.

Warm site

D.

Mobile backup site

Full Access
Question # 25

Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of committing an illegal act using your network?

A.

Configure logging on each access point

B.

Install a firewall software on each wireless access point.

C.

Provide IP and MAC address

D.

Disable SSID Broadcast and enable MAC address filtering on all wireless access points.

Full Access
Question # 26

Which of the following is the MAIN security concern for public cloud computing?

A.

Unable to control physical access to the servers

B.

Unable to track log on activity

C.

Unable to run anti-virus scans

D.

Unable to patch systems as needed

Full Access
Question # 27

A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The bank claims that the system shows proof that the customer in fact made the payment. What is this system capability commonly known as?

A.

non-repudiation

B.

conflict resolution

C.

strong authentication

D.

digital rights management

Full Access
Question # 28

The process of identifying and classifying assets is typically included in the

A.

Threat analysis process

B.

Asset configuration management process

C.

Business Impact Analysis

D.

Disaster Recovery plan

Full Access
Question # 29

What is the term describing the act of inspecting all real-time Internet traffic (i.e., packets) traversing a major Internet backbone without introducing any apparent latency?

A.

Traffic Analysis

B.

Deep-Packet inspection

C.

Packet sampling

D.

Heuristic analysis

Full Access
Question # 30

Which of the following is a symmetric encryption algorithm?

A.

3DES

B.

MD5

C.

ECC

D.

RSA

Full Access
Question # 31

Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

A.

Risk Assessment

B.

Incident Response

C.

Risk Management

D.

Network Security administration

Full Access
Question # 32

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

How can you reduce the administrative burden of distributing symmetric keys for your employer?

A.

Use asymmetric encryption for the automated distribution of the symmetric key

B.

Use a self-generated key on both ends to eliminate the need for distribution

C.

Use certificate authority to distribute private keys

D.

Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it

Full Access
Question # 33

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his

assessment, the consultant goes to the company’s building dressed like an electrician and waits in the lobby for

an employee to pass through the main access gate, then the consultant follows the employee behind to get into

the restricted area. Which type of attack did the consultant perform?

A.

Shoulder surfing

B.

Tailgating

C.

Social engineering

D.

Mantrap

Full Access
Question # 34

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

Symmetric encryption in general is preferable to asymmetric encryption when:

A.

The number of unique communication links is large

B.

The volume of data being transmitted is small

C.

The speed of the encryption / deciphering process is essential

D.

The distance to the end node is farthest away

Full Access
Question # 35

When project costs continually increase throughout implementation due to large or rapid changes in customer

or user requirements, this is commonly known as:

A.

Cost/benefit adjustments

B.

Scope creep

C.

Prototype issues

D.

Expectations management

Full Access
Question # 36

Which of the following is considered one of the most frequent failures in project management?

A.

Overly restrictive management

B.

Excessive personnel on project

C.

Failure to meet project deadlines

D.

Insufficient resources

Full Access
Question # 37

When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?

A.

Vendors uses their own laptop and logins with same admin credentials your security team uses

B.

Vendor uses a company supplied laptop and logins using two factor authentication with same admin credentials your security team uses

C.

Vendor uses a company supplied laptop and logins using two factor authentication with their own unique credentials

D.

Vendor uses their own laptop and logins using two factor authentication with their own unique credentials

Full Access
Question # 38

Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

A.

Threat

B.

Vulnerability

C.

Attack vector

D.

Exploitation

Full Access
Question # 39

Which of the following provides an audit framework?

A.

Control Objectives for IT (COBIT)

B.

Payment Card Industry-Data Security Standard (PCI-DSS)

C.

International Organization Standard (ISO) 27002

D.

National Institute of Standards and Technology (NIST) SP 800-30

Full Access
Question # 40

Risk that remains after risk mitigation is known as

A.

Persistent risk

B.

Residual risk

C.

Accepted risk

D.

Non-tolerated risk

Full Access
Question # 41

A security officer wants to implement a vulnerability scanning program. The officer is uncertain of the state of vulnerability resiliency within the organization’s large IT infrastructure. What would be the BEST approach to minimize scan data output while retaining a realistic view of system vulnerability?

A.

Scan a representative sample of systems

B.

Perform the scans only during off-business hours

C.

Decrease the vulnerabilities within the scan tool settings

D.

Filter the scan output so only pertinent data is analyzed

Full Access
Question # 42

Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evidence into a court of law?

A.

Comprehensive Log-Files from all servers and network devices affected during the attack

B.

Fully trained network forensic experts to analyze all data right after the attack

C.

Uninterrupted Chain of Custody

D.

Expert forensics witness

Full Access
Question # 43

Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?

A.

Trusted and untrusted networks

B.

Type of authentication

C.

Storage encryption

D.

Log retention

Full Access
Question # 44

In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:

A.

Secure the area and shut-down the computer until investigators arrive

B.

Secure the area and attempt to maintain power until investigators arrive

C.

Immediately place hard drive and other components in an anti-static bag

D.

Secure the area.

Full Access
Question # 45

The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?

A.

The need to change accounting periods on a regular basis.

B.

The requirement to post entries for a closed accounting period.

C.

The need to create and modify the chart of accounts and its allocations.

D.

The lack of policies and procedures for the proper segregation of duties.

Full Access
Question # 46

The process for identifying, collecting, and producing digital information in support of legal proceedings is called

A.

chain of custody.

B.

electronic discovery.

C.

evidence tampering.

D.

electronic review.

Full Access
Question # 47

Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?

A.

Allow the business units to decide which controls apply to their systems, such as the encryption of sensitive data

B.

Create separate controls for the business units based on the types of business and functions they perform

C.

Ensure business units are involved in the creation of controls and defining conditions under which they must be applied

D.

Provide the business units with control mandates and schedules of audits for compliance validation

Full Access
Question # 48

Which of the following is a major benefit of applying risk levels?

A.

Risk management governance becomes easier since most risks remain low once mitigated

B.

Resources are not wasted on risks that are already managed to an acceptable level

C.

Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology

D.

Risk appetite can increase within the organization once the levels are understood

Full Access
Question # 49

A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

A.

The software license expiration is probably out of synchronization with other software licenses

B.

The project was initiated without an effort to get support from impacted business units in the organization

C.

The software is out of date and does not provide for a scalable solution across the enterprise

D.

The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Full Access
Question # 50

Which of the following is considered a project versus a managed process?

A.

monitoring external and internal environment during incident response

B.

ongoing risk assessments of routine operations

C.

continuous vulnerability assessment and vulnerability repair

D.

installation of a new firewall system

Full Access
Question # 51

As the CISO for your company you are accountable for the protection of information resources commensurate with:

A.

Customer demand

B.

Cost and time to replace

C.

Insurability tables

D.

Risk of exposure

Full Access
Question # 52

A severe security threat has been detected on your corporate network. As CISO you quickly assemble key members of the Information Technology team and business operations to determine a modification to security controls in response to the threat. This is an example of:

A.

Change management

B.

Business continuity planning

C.

Security Incident Response

D.

Thought leadership

Full Access
Question # 53

Which of the following is the MOST important component of any change management process?

A.

Scheduling

B.

Back-out procedures

C.

Outage planning

D.

Management approval

Full Access
Question # 54

With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that the boards provide strategic oversight regarding information and information security, include these four things:

A.

Metrics tracking security milestones, understanding criticality of information and information security, visibility into the types of information and how it is used, endorsement by the board of directors

B.

Annual security training for all employees, continual budget reviews, endorsement of the development and implementation of a security program, metrics to track the program

C.

Understanding criticality of information and information security, review investment in information security, endorse development and implementation of a security program, and require regular reports on adequacy and effectiveness

D.

Endorsement by the board of directors for security program, metrics of security program milestones, annual budget review, report on integration and acceptance of program

Full Access
Question # 55

You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

A.

Controlled mitigation effort

B.

Risk impact comparison

C.

Relative likelihood of event

D.

Comparative threat analysis

Full Access
Question # 56

Which of the following is the MOST important goal of risk management?

A.

Identifying the risk

B.

Finding economic balance between the impact of the risk and the cost of the control

C.

Identifying the victim of any potential exploits.

D.

Assessing the impact of potential threats

Full Access
Question # 57

How often should an environment be monitored for cyber threats, risks, and exposures?

A.

Weekly

B.

Monthly

C.

Quarterly

D.

Daily

Full Access
Question # 58

Which of the following is a fundamental component of an audit record?

A.

Date and time of the event

B.

Failure of the event

C.

Originating IP-Address

D.

Authentication type

Full Access
Question # 59

The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?

A.

Number of callers who report security issues.

B.

Number of callers who report a lack of customer service from the call center

C.

Number of successful social engineering attempts on the call center

D.

Number of callers who abandon the call before speaking with a representative

Full Access
Question # 60

Which of the following is considered to be an IT governance framework and a supporting toolset that allows for managers to bridge the gap between control requirements, technical issues, and business risks?

A.

Control Objective for Information Technology (COBIT)

B.

Committee of Sponsoring Organizations (COSO)

C.

Payment Card Industry (PCI)

D.

Information Technology Infrastructure Library (ITIL)

Full Access