712-50 Exam Questions

What process defines the framework of rules and practices by which a board of directors ensure accountability, fairness and transparency in an organization's relationship with its...

As the Business Continuity Coordinator of a financial services organization, you are responsible for ensuring assets are recovered timely in the event of a disaster. Which is the B...

What are the three hierarchically related aspects of strategic planning and in which order should they be done?

Which regulation or policy governs protection of personally identifiable user data gathered during a cyber investigation?

Which of the following would negatively impact a log analysis of a multinational organization?

Which of the following statements below regarding Key Performance indicators (KPIs) are true?

When information security falls under the Chief Information Officer (CIO), what is their MOST essential role?

ABC Limited has recently suffered a security breach with customers' social security number available on the dark web for sale. The CISO, during the time of the incident, has been f...

An organization recently acquired a Data Loss Prevention (DLP) solution, and two months after the implementation, it was found that sensitive data was posted to numerous Dark Web s...

The main purpose of the SOC is:

When obtaining new products and services, why is it essential to collaborate with lawyers, IT security professionals, privacy professionals, security engineers, suppliers, and othe...

A cloud computing environment that is bound together by technology that allows data and applications to be shared between public and private clouds is BEST referred to as a?

When reviewing a Solution as a Service (SaaS) provider's security health and posture, which key document should you review?

As the Risk Manager of an organization, you are task with managing vendor risk assessments. During the assessment, you identified that the vendor is engaged with high profiled clie...

What is a Statement of Objectives (SOA)?

During a cyber incident, which non-security personnel might be needed to assist the security team?

With a focus on the review and approval aspects of board responsibilities, the Data Governance Council recommends that the boards provide strategic oversight regarding information...

You are the CISO for an investment banking firm. The firm is using artificial intelligence (AI) to assist in approving clients for loans. Which control is MOST important to protect...

Which level of data destruction applies logical techniques to sanitize data in all user-addressable storage locations?

A university recently hired a CISO. One of the first tasks is to develop a continuity of operations plan (COOP). In developing the business impact assessment (BIA), which of the fo...

A key cybersecurity feature of a Personal Identification Verification (PIV) Card is:

When performing a forensic investigation, what are the two MOST common data sources for obtaining evidence from a computer and mobile devices?

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?

You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. O...

Who should be involved in the development of an internal campaign to address email phishing?

Of the following types of SOCs (Security Operations Centers), which one would be MOST likely used if the CISO has decided to outsource the infrastructure and administration of it?

Many successful cyber-attacks currently include:

When evaluating a Managed Security Services Provider (MSSP), which service(s) is/are most important:

Which of the following strategies provides the BEST response to a ransomware attack?

What is the MOST critical output of the incident response process?

Who is responsible for verifying that audit directives are implemented?

XYZ is a publicly-traded software development company. Who is ultimately accountable to the shareholders in the event of a cybersecurity breach?

What organizational structure combines the functional and project structures to create a hybrid of the two?

The primary responsibility for assigning entitlements to a network share lies with which role?

What does RACI stand for?

What key technology can mitigate ransomware threats?

Which of the following are the triple constraints of project management?

A Security Operations (SecOps) Manager is considering implementing threat hunting to be able to make better decisions on protecting information and assets. What is the MAIN goal of...

A bastion host should be placed:

Optical biometric recognition such as retina scanning provides access to facilities through reading the unique characteristics of a person's eye. However, authorization failures ca...

The Board of Directors of a publicly-traded company is concerned about the security implications of a strategic project that will migrate 50% of the organization's information tech...

What is the primary difference between regulations and standards?

A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and...

As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security informat...

A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of co...

What is a key policy that should be part of the information security plan?

Which of the following is the MOST effective method to counter phishing attacks?

You have been promoted to the CISO of a big-box retail store chain reporting to the Chief Information Officer (CIO). The CIO's first mandate to you is to develop a cybersecurity co...

In defining a strategic security plan for an organization, what should a CISO first analyze?

An auditor is reviewing the security classifications for a group of assets and finds that many of the assets are not correctly classified. What should the auditor's NEXT step be?