Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

712-50Free trial

By eccouncil

Verified

25Q per page

Question 26

When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

A: Compliance with local privacy regulations
B: An independent Governance, Risk and Compliance organization
C: Support Legal and HR teams
D: Alignment of security goals with business goals

—

Question 27

Which of the following are primary concerns for management with regard to assessing internal control objectives?

A: Confidentiality, Availability, Integrity
B: Compliance, Effectiveness, Efficiency
C: Communication, Reliability, Cost
D: Confidentiality, Compliance, Cost

—

Question 28

The effectiveness of an audit is measured by?

A: The number of security controls the company has in use
B: How it exposes the risk tolerance of the company
C: The number of actionable items in the recommendations
D: How the recommendations directly support the goals of the company

—

Question 29

Control Objectives for Information and Related Technology (COBIT) is which of the following?

A: An audit guideline for certifying secure systems and controls
B: An information Security audit standard
C: A framework for Information Technology management and governance
D: A set of international regulations for Information Technology governance

—

Question 30

Which of the following are not stakeholders of IT security projects?

A: Board of directors
B: Help Desk
C: Third party vendors
D: CISO

—

Question 31

The FIRST step in establishing a security governance program is to?

A: Obtain senior level sponsorship
B: Conduct a workshop for all end users.
C: Conduct a risk assessment.
D: Prepare a security budget.

—

Question 32

Your incident response plan should include which of the following?

A: Procedures for classification
B: Procedures for charge-back
C: Procedures for reclamation
D: Procedures for litigation

—

Question 33

To get an Information Security project back on schedule, which of the following will provide the MOST help?

A: Upper management support
B: More frequent project milestone meetings
C: Stakeholder support
D: None
E: Extend work hours

—

Question 34

You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll.
Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff?

A: Employ an assumption of breach protocol and defend only essential information resources.
B: Deploy a SEIM solution and have your staff review incidents first thing in the morning
C: Configure your syslog to send SMS messages to current staff when target events are triggered.
D: Engage a managed security provider and have current staff on call for incident response

—

Question 35

When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?

A: How many credit records are stored?
B: What is the value of the assets at risk?
C: What is the scope of the certification?
D: How many servers do you have?

—

Question 36

Your company has a no right to privacy notice on all logon screens for your information systems and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to one of her employee's email account.
What should you do?

A: Deny the request citing national privacy laws
B: None
C: Grant her access, the employee has been adequately warned through the AUP.
D: Assist her with the request, but only after her supervisor signs off on the action.
E: Reset the employee's password and give it to the supervisor.