512-50 Exam Questions
402 real 512-50 exam questions with expert-verified answers and explanations. Page 5 of 9.
- Question #201
Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?
- Question #202
How often should the SSAE16 report of your vendors be reviewed?
- Question #203
A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents...
- Question #204
Which of the following represents the best method of ensuring business unit alignment with security program requirements?
- Question #205
A CISO implements smart cards for credential management, and as a result has reduced costs associated with help desk operations supporting password resets. This demonstrates which...
- Question #206
Which of the following is critical in creating a security program aligned with an organization's goals?
- Question #209
Which of the following represents the BEST method of ensuring security program alignment to business needs?
- Question #210
A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets installed, but the pr...
- Question #211
Which of the following represents the BEST method for obtaining business unit acceptance of security controls within an organization?
- Question #212
An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, re...
- Question #213
A CISO has recently joined an organization with a poorly implemented security program. The desire is to base the security program on a risk management approach. Which of the follow...
- Question #214
Risk appetite is typically determined by which of the following organizational functions?
- Question #215
You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile device...
- Question #216
Knowing the potential financial loss an organization is willing to suffer if a system fails is a determination of which of the following?
- Question #217
Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?
- Question #218
Which of the following is a major benefit of applying risk levels?
- Question #219
Which of the following best summarizes the primary goal of a security program?
- Question #220
Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?
- Question #221
Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?
- Question #222
Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security...
- Question #223
Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?
- Question #224
In an effort to save your company money, which of the following methods of training results in the lowest cost for the organization?
- Question #225
Which of the following are the triple constraints of project management?
- Question #226
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had changed the Simple Network...
- Question #227
As a CISO you need to understand the steps that are used to perform an attack against a network. Put each step into the correct order. 1. Covering tracks 2. Scanning and enumeratio...
- Question #228
What type of attack requires the least amount of technical equipment and has the highest success rate?
- Question #229
Physical security measures typically include which of the following components?
- Question #230
SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:
- Question #231
An anonymity network is a series of?
- Question #232
An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What auth...
- Question #233
Which wireless encryption technology makes use of temporal keys?
- Question #234
Your penetration testing team installs an in-line hardware key logger onto one of your network machines. Which of the following is of major concern to the security organization?
- Question #235
The process of creating a system which divides documents based on their security level to manage access to private data is known as
- Question #236
A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The b...
- Question #237
The process for identifying, collecting, and producing digital information in support of legal proceedings is called
- Question #238
Your organization provides open guest wireless access with no captive portals. What can you do to assist with law enforcement investigations if one of your guests is suspected of c...
- Question #239
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following key...
- Question #240
Which of the following is a countermeasure to prevent unauthorized database access from web applications?
- Question #241
Which of the following statements about Encapsulating Security Payload (ESP) is true?
- Question #242
The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?
- Question #243
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evi...
- Question #244
The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipp...
- Question #245
While designing a secondary data center for your company, what document needs to be analyzed to determine how much should be spent on building the data center?
- Question #246
Security related breaches are assessed and contained through which of the following?
- Question #247
Which of the following backup sites takes the longest recovery time?
- Question #248
What is the FIRST step in developing the vulnerability management program?
- Question #249
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the follo...
- Question #250
Which of the following strategies provides the BEST response to a ransomware attack?
- Question #251
Which of the following conditions would be the MOST probable reason for a security project to be rejected by the executive board of an organization?
- Question #252
Which of the following is MOST useful when developing a business case for security initiatives?