712-50 Exam Questions

Which type of physical security control scan a person's external features through a digital video camera before granting access to a restricted area?

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target...

Which type of scan is used on the eye to measure the layer of blood vessels?

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company's building dressed lik...

Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendatio...

If the result of an NPV is positive, then the project should be selected. The net present value shows the present value of the project, based on the decisions taken for its selecti...

If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the in...

A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization....

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterpris...

A CISO has implemented a risk management capability within the security portfolio. Which of the following terms best describes this functionality?

Using the Transport Layer Security (TLS) protocol enables a client in a network to be:

The network administrator wants to strengthen physical security in the organization. Specifically, to implement a solution stopping people from entering certain restricted zones wi...

Which of the following is the MOST logical method of deploying security controls within an organization?

Which of the following is a primary method of applying consistent configurations to IT systems?

Where does bottom-up financial planning primarily gain information for creating budgets?

Which of the following best describes revenue?

Which of the following is the MOST effective method for discovering common technical vulnerabilities within the IT environment?

When project costs continually increase throughout implementation due to large or rapid changes in customer or user requirements, this is commonly known as:

During the 3rd quarter of a budget cycle, the CISO noticed she spent more than was originally planned in her annual budget. What is the condition of her current budgetary posture?

The primary purpose of a risk register is to:

If a Virtual Machine's (VM) data is being replicated and that data is corrupted, this corruption will automatically be replicated to the other machine(s). What would be the BEST co...

Which of the following best describes a portfolio?

What is meant by password aging?

An organization has a number of Local Area Networks (LANs) linked to form a single Wide Area Network (WAN). Which of the following would BEST ensure network continuity?

Which of the following is a common technology for visual monitoring?

Which of the following is an accurate statement regarding capital expenses?

A newly-hired CISO needs to understand the organization's financial management standards for business units and operations. Which of the following would be the best source of this...

A large number of accounts in a hardened system were suddenly compromised to an external party. Which of the following is the MOST probable threat actor involved in this incident?

Which of the following defines the boundaries and scope of a risk assessment?

Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for...

Which of the following is true regarding expenditures?

At what level of governance are individual projects monitored and managed?

A digital signature addresses which of the following concerns?

What are the three stages of an identity and access management system?

During the last decade, what trend has caused the MOST serious issues in relation to physical security?

Which of the following is the MOST important reason for performing assessments of the security portfolio?

Which of the following terms is used to describe countermeasures implemented to minimize risks to physical property, information, and computing systems?

Which of the following best describes an access control process that confirms the identity of the entity seeking access to a logical or physical area?

As the Chief Information Security Officer, you are performing an assessment of security posture to understand what your Defense-in-Depth capabilities are. Which network security te...

Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the following best describes the problem he has encountered?

Which of the following best describes the sensors designed to project and detect a light beam across an area?

As the Chief Information Security Officer, you want to ensure data shared securely, especially when shared with third parties outside the organization. What protocol provides the a...

As the CISO, you have been tasked with the execution of the company's key management program. You MUST ensure the integrity of encryption keys at the point of generation. Which pri...

What is one key difference between Capital expenditures and Operating expenditures?

Which of the following is used to lure attackers into false environments so they can be monitored, contained, or blocked from reaching critical systems?

Which of the following is an accurate description of a balance sheet?

A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network wher...

What is the difference between encryption and tokenization?

Which of the following information would MOST likely be reported at the board-level within an organization?

Which technology can provide a computing environment without requiring a dedicated hardware backend?