Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

712-50Free trial

By eccouncil

Verified

25Q per page

Question 1

When briefing senior management on the creation of a governance process, the MOST important aspect should be:

A: knowledge required to analyze each issue
B: information security metrics
C: linkage to business area objectives
D: baseline against which metrics are evaluated

—

Question 2

Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?

A: Understand the business goals of the organization
B: Poses a strong technical background
C: Poses a strong auditing background
D: Understand all regulations affecting the organization

—

Question 3

Which of the following activities results in change requests?

A: Corrective actions
B: Defect repair
C: Preventive actions
D: Inspection

—

Question 4

Who is responsible for securing networks during a security incident?

A: Security Operations Center (SOC)
B: Chief Information Security Officer (CISO)
C: Disaster Recovery (DR) manager
D: Incident response Team (IRT)

—

Question 5

The success of the Chief Information Security Officer is MOST dependent upon:

A: following the recommendations of consultants and contractors
B: raising awareness of security issues with end users
C: favorable audit findings
D: development of relationships with organization executives

—

Question 6

The PRIMARY objective of security awareness is to:

A: Encourage security-conscious employee behavior
B: Put employees on notice in case follow-up action for noncompliance is necessary
C: Ensure that security policies are read
D: Meet legal and regulatory requirements

—

Question 7

What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?

A: Conduct a Disaster Recovery (DR) exercise every year to test the plan
B: Conduct periodic tabletop exercises to refine the BC plan
C: Test every three years to ensure that the BC plan is valid
D: Define the Recovery Point Objective (RPO)

—

Question 8

Which of the following is MOST likely to be discretionary?

A: Policies
B: Procedures
C: Guidelines
D: Standards

—

Question 9

Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture.
What would be the BEST choice of security metrics to present to the BOD?

A: All vulnerabilities found on servers and desktops
B: Only critical and high vulnerabilities servers
C: Only critical and high vulnerabilities on servers and desktops
D: All vulnerabilities that impact important production servers

—

Question 10

Creating a secondary authentication process for network access would be an example of?

A: Defense in depth cost enumerated costs
B: Nonlinearities in physical security performance metrics
C: System hardening and patching requirements
D: Anti-virus for mobile devices

—

Question 11

Which of the following BEST describes an international standard framework that is based on the security model Information Technology-Code of Practice for
Information Security Management?

A: National Institute of Standards and technology Special Publication SP 800-12
B: Request for Comment 2196
C: International Organization for Standardization 27001
D: National Institute of Standards and technology Special Publication SP 800-26

—

Question 12

Which of the following has the GREATEST impact on the implementation of an information security governance model?

A: Complexity of organizational structure
B: Distance between physical locations
C: Organizational budget
D: Number of employees

—

Question 13

You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two factor authentication token management process.
Which of the following represents your BEST course of action?

A: Determine program ownership to implement compensating controls
B: Send a report to executive peers and business unit owners detailing your suspicions
C: Validate that security awareness program content includes information about the potential vulnerability
D: Conduct a throughout risk assessment against the current implementation to determine system functions

—

Question 14

Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

A: SNMP traps
B: Syslog
C: File integrity monitoring
D: Application logs

—

Question 15

When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?

A: Eradication
B: Escalation
C: Containment
D: Recovery

—

Question 16

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old.
After reading it, what should be your first priority?

A: Review the recommendations and follow up to see if audit implemented the changes
B: Meet with audit team to determine a timeline for corrections
C: Have internal audit conduct another audit to see what has changed.
D: Contract with an external audit company to conduct an unbiased audit

—

Question 17

Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?

A: Plan-Check-Do-Act
B: Plan-Select-Implement-Evaluate
C: Plan-Do-Check-Act
D: SCORE (Security Consensus Operational Readiness Evaluation)

—

Question 18

When you develop your audit remediation plan what is the MOST important criteria?

A: To validate the remediation process with the auditor.
B: To validate that the cost of the remediation is less than risk of the finding.
C: To remediate half of the findings before the next audit.
D: To remediate all of the findings before the next audit.

—

Question 19

What is the relationship between information protection and regulatory compliance?

A: That all information in an organization must be protected equally.
B: The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.
C: There is no relationship between the two.
D: That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.

—

Question 20

A Chief Information Security Officer received a list of high, medium, and low impact audit findings.
Which of the following represents the BEST course of action?

A: If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.
B: If the findings do not impact regulatory compliance, review current security controls.
C: If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.
D: if the findings impact regulatory compliance, remediate the high findings as quickly as possible.

—

Question 21

An information security department is required to remediate system vulnerabilities when they are discovered. Please select the three primary remediation methods that can be used on an affected system.

A: Install software patch, configuration adjustment, software removal
B: Install software patch, operate system, maintain system
C: Discover software, remove affected software, apply software patch
D: Software removal, install software patch, maintain system

—

Question 22

Which represents PROPER separation of duties in the corporate environment?

A: Information Security and Network teams perform two distinct functions
B: Information Security and Identity Access Management teams perform two distinct functions
C: Finance has access to Human Resources data
D: Developers and Network teams both have admin rights on servers

—

Question 23

Who in the organization determines access to information?

A: Compliance officer
B: Legal department
C: Data Owner
D: Information security officer

—

Question 24

Step-by-step procedures to regain normalcy in the event of a major earthquake is PRIMARILY covered by which of the following plans?

A: Damage control plan
B: Disaster recovery plan
C: Business Continuity plan
D: Incident response plan

—

Question 25

An employee successfully avoids becoming a victim of a sophisticated spear phishing attack due to knowledge gained through the corporate information security awareness program.
What type of control has been effectively utilized?

A: Technical Control
B: Management Control
C: Operational Control
D: Training Control

—

Page 1 of 8 • Questions 1-25 of 184

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!