712-50 Exam Questions
505 real 712-50 exam questions with expert-verified answers and explanations. Page 5 of 11.
- Question #201
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor to introducing digital evi...
- Question #202
Which of the following is the MAIN security concern for public cloud computing?
- Question #203
Which wireless encryption technology makes use of temporal keys?
- Question #204
The ability to hold intruders accountable in a court of law is important. Which of the following activities are needed to ensure the highest possibility for successful prosecution?
- Question #205
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus. Which of the follo...
- Question #206
The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipp...
- Question #207
In terms of supporting a forensic investigation, it is now imperative that managers, first-responders, etc., accomplish the following actions to the computer under investigation:
- Question #208
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following key...
- Question #209
The process of creating a system which divides documents based on their security level to manage access to private data is known as
- Question #210
While designing a secondary data center for your company, what document needs to be analyzed to determine how much should be spent on building the data center?
- Question #211
Which of the following is a countermeasure to prevent unauthorized database access from web applications?
- Question #212
SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:
- Question #213
A customer of a bank has placed a dispute on a payment for a credit card account. The banking system uses digital signatures to safeguard the integrity of their transactions. The b...
- Question #214
Security related breaches are assessed and contained through which of the following?
- Question #215
Which of the following is a symmetric encryption algorithm?
- Question #216
An anonymity network is a series of?
- Question #217
What is the term describing the act of inspecting all real-time Internet traffic (i.e., packets) traversing a major Internet backbone without introducing any apparent latency?
- Question #218
Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?
- Question #219
The process for identifying, collecting, and producing digital information in support of legal proceedings is called
- Question #220
An access point (AP) is discovered using Wireless Equivalent Protocol (WEP). The ciphertext sent by the AP is encrypted with the same key and cipher used by its stations. What auth...
- Question #221
Which of the following backup sites takes the longest recovery time?
- Question #222
Physical security measures typically include which of the following components?
- Question #223
A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into t...
- Question #224
Which type of scan is used on the eye to measure the layer of blood vessels?
- Question #225
Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?
- Question #226
What is the FIRST step in developing the vulnerability management program?
- Question #227
Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be adminis...
- Question #228
The ability to demand the implementation and management of security controls on third parties providing services to an organization is
- Question #229
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individ...
- Question #230
When updating the security strategic planning document what two items must be included?
- Question #231
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used a...
- Question #232
Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organizat...
- Question #233
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterpris...
- Question #234
What is the primary reason for performing a return on investment analysis?
- Question #235
Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have per...
- Question #236
Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organizat...
- Question #237
The process to evaluate the technical and non-technical security controls of an IT system to validate that a given design and implementation meet a specific set of security require...
- Question #238
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterpris...
- Question #239
The newly appointed CISO of an organization is reviewing the IT security strategic plan. Which of the following is the MOST important component of the strategic plan?
- Question #240
The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called
- Question #241
Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations. An effective way to evaluate the effectiveness of an in...
- Question #242
Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates. When multiple regulations...
- Question #243
What is the BEST reason for having a formal request for proposal process?
- Question #244
SCENARIO: Critical servers show signs of erratic behavior within your organization's intranet. Initial information indicates the systems are under attack from an outside entity. As...
- Question #245
As the CISO you need to write the IT security strategic plan. Which of the following is the MOST important to review before you start writing the plan?
- Question #246
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individ...
- Question #247
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterpris...
- Question #248
You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has ongoing. You discover that most projects are behind schedul...
- Question #249
When creating contractual agreements and procurement processes why should security requirements be included?
- Question #250
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used a...