What framework of rules and practices is used by a Board of Directors to provide accountability, fairness, and transparency in the organization's interactions with its shareholders?
A. Risk management
B. Audit oversight
C. Stock performance
D. Corporate governance
Correct answer: D
Question 2:
Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?
A. Budget and Compliance
B. Human Resources and Budget
C. Audit and Legal
D. Legal and Human Resources
Correct answer: C
Question 3:
The Information Security Management program MUST protect:
A. against distributed denial of service attacks
B. critical business processes and/or revenue streams
C. intellectual property released into the public domain
D. all organizational assets
Correct answer: B
Question 4:
Controls that were implemented to correct prior audit findings are insufficient. Before adjusting controls, what original document should be reviewed?
A. Business Impact Analysis
B. Annual report to shareholders
C. Security process catalogue
D. Business recovery plan
Correct answer: C
Question 5:
Which of the following is MOST effective when mitigating social engineering risks?
A. Security awareness programs
B. Phishing tests
C. Anti-malware tools
D. Threat and Vulnerability Management Programs
Correct answer: A
Question 6:
Which of the following activities must be completed BEFORE you can calculate risk?
A. Assigning a value to each information asset
B. Determining the likelihood that vulnerable systems will be attacked by specific threats
C. Calculating the risks to which assets are exposed in their current setting
D. Assessing the relative risk facing the organization's information assets
Correct answer: A
Question 7:
The regular review of a firewall ruleset is considered a
A. Procedural control
B. Management control
C. Organization control
D. Technical control
Correct answer: D
Question 8:
Your company has limited resources to spend on security initiatives. The Chief Financial Officer asks you to prioritize the protection of information resources based on their value to the company. It is essential that you be able to communicate in language that your fellow executives will understand. You should:
A. Create a detailed technical executive summary
B. Create timelines for mitigation
C. Develop a cost-benefit analysis
D. Calculate annual loss expectancy
Correct answer: C
Question 9:
You have been promoted to the CISO of a retail store. Which of the following compliance standards is the MOST important to the organization?
A. NIST Cybersecurity Framework
B. Payment Card Industry (PCI) Data Security Standard (DSS)
C. The Federal Risk and Authorization Management Program (FedRAMP)
D. ISO 27002
Correct answer: B
1482 customer comments

Hayama -
This 712-50 question set is the one I would recommend most if you can make full use of it; I think it is extremely easy to use for 712-50 exam preparation.