712-50 Exam Dumps | Scenario: Your organization employs single sign-on (user name and password only) as a convenience to

<< Prev Question Next Question >>

Question 134/205

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and dat a. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
Once supervisors and data owners have approved requests, information system administrators will implement

A. Technical control(s)

B. Operational control(s)

C. Policy control(s)

D. Management control(s)

Question List (205q): Question 1: What are the three stages of an identity and access manageme...; Question 2: Which of the following information may be found in table top...; Question 3: Scenario: An organization has made a decision to address Inf...; Question 4: A stakeholder is a person or group:...; Question 5: Which level of data destruction applies logical techniques t...; Question 6: The primary responsibility for assigning entitlements to a n...; Question 7: The framework that helps to define a minimum standard of pro...; Question 8: SCENARIO: A Chief Information Security Officer (CISO) recent...; Question 9: The mean time to patch, number of virus outbreaks prevented,...; Question 10: The primary purpose of a risk register is to:...; Question 11: A university recently hired a CISO. One of the first tasks i...; Question 12: Which of the following are necessary to formulate responses ...; Question 13: Scenario: Your company has many encrypted telecommunications...; Question 14: To get an Information Security project back on schedule, whi...; Question 15: Which of the following is the MOST effective way to measure ...; Question 16: Which of the following is the MAIN reason to follow a formal...; Question 17: When measuring the effectiveness of an Information Security ...; Question 18: John is the project manager for a large project in his organ...; Question 19: A customer of a bank has placed a dispute on a payment for a...; Question 20: A system is designed to dynamically block offending Internet...; Question 21: You have recently drafted a revised information security pol...; Question 22: The exposure factor of a threat to your organization is defi...; Question 23: Which of the following is the MOST effective method to count...; Question 24: Which of the following activities results in change requests...; Question 25: An organization's Information Security Policy is of MOST imp...; Question 26: Which of the following is the PRIMARY purpose of Internation...; Question 27: A global retail organization is looking to implement a consi...; Question 28: What are the common data hiding techniques used by criminals...; Question 29: You have implemented a new security control. Which of the fo...; Question 30: Smith, the project manager for a larger multi-location firm,...; Question 31: Scenario: An organization has recently appointed a CISO. Thi...; Question 32: Your penetration testing team installs an in-line hardware k...; Question 33: What are the three hierarchically related aspects of strateg...; Question 34: When deploying an Intrusion Prevention System (IPS) the BEST...; Question 35: What is the primary reason for performing vendor management?...; Question 36: What is meant by password aging?...; Question 37: Which is the BEST solution to monitor, measure, and report c...; Question 38: An IT auditor has recently discovered that because of a shor...; Question 39: Which of the following best represents a calculation for Ann...; Question 40: The ability to hold intruders accountable in a court of law ...; Question 41: Which of the following is considered one of the most frequen...; Question 42: A newly-hired CISO needs to understand the organization's fi...; Question 43: The Annualized Loss Expectancy (Before) minus Annualized Los...; Question 44: The total cost of security controls should:...; Question 45: When updating the security strategic planning document what ...; Question 46: Which of the following is considered the MOST effective tool...; Question 47: A recommended method to document the respective roles of gro...; Question 48: What is the MOST critical output of the incident response pr...; Question 49: The process to evaluate the technical and non-technical secu...; Question 50: An organization's firewall technology needs replaced. A spec...; Question 51: When analyzing and forecasting an operating expense budget w...; Question 52: Which of the following tests is an IS auditor performing whe...; Question 53: What type of attack requires the least amount of technical e...; Question 54: In order for a CISO to have true situational awareness there...; Question 55: Which of the following is considered the foundation for the ...; Question 56: An organization is looking for a framework to measure the ef...; Question 57: Which of the following backup sites takes the longest recove...; Question 58: A CISO decides to analyze the IT infrastructure to ensure se...; Question 59: Scenario: An organization has recently appointed a CISO. Thi...; Question 60: A missing/ineffective security control is identified. Which ...; Question 61: The ability to demand the implementation and management of s...; Question 62: When reviewing a Solution as a Service (SaaS) provider's sec...; Question 63: SCENARIO: A Chief Information Security Officer (CISO) recent...; Question 64: Which of the following is a weakness of an asset or group of...; Question 65: When selecting a security solution with reoccurring maintena...; Question 66: Dataflow diagrams are used by IT auditors to:...; Question 67: When dealing with a risk management process, asset classific...; Question 68: Which of the following has the GREATEST impact on the implem...; Question 69: A CISO has recently joined an organization with a poorly imp...; Question 70: A Chief Information Security Officer received a list of high...; Question 71: Which of the following is the BEST indicator of a successful...; Question 72: Which of the following functions MUST your Information Secur...; Question 73: SCENARIO: Critical servers show signs of erratic behavior wi...; Question 74: The alerting, monitoring, and lifecycle management of securi...; Question 75: Developing effective security controls is a balance between:...; Question 76: Which of the following provides an audit framework?...; Question 77: Scenario: You are the CISO and have just completed your firs...; Question 78: Which of the following is the MOST important to share with a...; Question 79: At which point should the identity access management team be...; Question 80: A security manager has created a risk program. Which of the ...; Question 81: Which of the following best describes the purpose of the Int...; Question 82: Within an organization's vulnerability management program, w...; Question 83: SCENARIO: A CISO has several two-factor authentication syste...; Question 84: Who is responsible for verifying that audit directives are i...; Question 85: When creating contractual agreements and procurement process...; Question 86: What is the primary reason for performing a return on invest...; Question 87: You have a system with 2 identified risks. You determine the...; Question 88: The new CISO was informed of all the Information Security pr...; Question 89: When an organization claims it is secure because it is PCI-D...; Question 90: Bob waits near a secured door, holding a box. He waits until...; Question 91: Risk is defined as:; Question 92: Which of the following is a term related to risk management ...; Question 93: Which of the following is considered a project versus a mana...; Question 94: Which of the following information would MOST likely be repo...; Question 95: The executive board has requested that the CISO of an organi...; Question 96: When a CISO considers delaying or not remediating system vul...; Question 97: Information security policies should be reviewed:...; Question 98: Step-by-step procedures to regain normalcy in the event of a...; Question 99: Which of the following are primary concerns for management w...; Question 100: A recent audit has identified a few control exceptions and i...; Question 101: When a critical vulnerability has been discovered on product...; Question 102: File Integrity Monitoring (FIM) is considered a...; Question 103: Which of the following is the MOST logical method of deployi...; Question 104: Ensuring that the actions of a set of people, applications a...; Question 105: You are the CISO of a commercial social media organization. ...; Question 106: Which type of physical security control scan a person's exte...; Question 107: The single most important consideration to make when develop...; Question 108: Scenario: As you begin to develop the program for your organ...; Question 109: A CISO decides to analyze the IT infrastructure to ensure se...; Question 110: Which of the following activities is the MAIN purpose of the...; Question 111: Which of the following is critical in creating a security pr...; Question 112: An organization has a stated requirement to block certain tr...; Question 113: Which of the following is a MAJOR consideration when an orga...; Question 114: Risk that remains after risk mitigation is known as...; Question 115: Why is it vitally important that senior management endorse a...; Question 116: Which of the following are not stakeholders of IT security p...; Question 117: During the last decade, what trend has caused the MOST serio...; Question 118: Human resource planning for security professionals in your o...; Question 119: Scenario: Most industries require compliance with multiple g...; Question 120: When dealing with Security Incident Response procedures, whi...; Question 121: The FIRST step in establishing a security governance program...; Question 122: Your IT auditor is reviewing significant events from the pre...; Question 123: When managing a project, the MOST important activity in mana...; Question 124: Who should be involved in the development of an internal cam...; Question 125: How often should the SSAE16 report of your vendors be review...; Question 126: Which of the following would negatively impact a log analysi...; Question 127: The process of creating a system which divides documents bas...; Question 128: When gathering security requirements for an automated busine...; Question 129: When performing a forensic investigation, what are the two M...; Question 130: Scenario: The new CISO was informed of all the Information S...; Question 131: Acme Inc. has engaged a third party vendor to provide 99.999...; Question 132: The general ledger setup function in an enterprise resource ...; Question 133: Which of the following will be MOST helpful for getting an I...; Question 134: Scenario: Your organization employs single sign-on (user nam...; Question 135: Your incident handling manager detects a virus attack in the...; Question 136: The process for identifying, collecting, and producing digit...; Question 137: A newly appointed security officer finds data leakage softwa...; Question 138: Which represents PROPER separation of duties in the corporat...; Question 139: Which of the following represents the BEST method of ensurin...; Question 140: When is an application security development project complete...; Question 141: A Security Operations Centre (SOC) manager is informed that ...; Question 142: A CISO implements smart cards for credential management, and...; Question 143: A security officer wants to implement a vulnerability scanni...; Question 144: What is a Statement of Objectives (SOA)?...; Question 145: When evaluating a Managed Security Services Provider (MSSP),...; Question 146: As the Risk Manager of an organization, you are task with ma...; Question 147: When considering using a vendor to help support your securit...; Question 148: Scenario: You are the CISO and have just completed your firs...; Question 149: Which of the following is true regarding expenditures?...; Question 150: According to the National Institute of Standards and Technol...; Question 151: Which of the following best describes revenue?...; Question 152: SCENARIO: Critical servers show signs of erratic behavior wi...; Question 153: Your incident response plan should include which of the foll...; Question 154: Who is responsible for securing networks during a security i...; Question 155: What are the primary reasons for the development of a busine...; Question 156: Which of the following provides an independent assessment of...; Question 157: A CISO decides to analyze the IT infrastructure to ensure se...; Question 158: Simon had all his systems administrators implement hardware ...; Question 159: During the 3rd quarter of a budget cycle, the CISO noticed s...; Question 160: Your organization provides open guest wireless access with n...; Question 161: You have been promoted to the CISO of a retail store. Which ...; Question 162: An international organization is planning a project to imple...; Question 163: Information Security is often considered an excessive, after...; Question 164: SCENARIO: A CISO has several two-factor authentication syste...; Question 165: One of the MAIN goals of a Business Continuity Plan is to...; Question 166: When operating under severe budget constraints a CISO will h...; Question 167: As the CISO you need to write the IT security strategic plan...; Question 168: If your organization operates under a model of "assumption o...; Question 169: Scenario: An organization has made a decision to address Inf...; Question 170: Scenario: Your corporate systems have been under constant pr...; Question 171: Regulatory requirements typically force organizations to imp...; Question 172: The amount of risk an organization is willing to accept in p...; Question 173: Michael starts a new job and discovers that he has unnecessa...; Question 174: The organization does not have the time to remediate the vul...; Question 175: The Information Security Management program MUST protect:...; Question 176: An application vulnerability assessment has identified a sec...; Question 177: Which of the following is the MOST important benefit of an e...; Question 178: Which of the following functions evaluates risk present in I...; Question 179: The rate of change in technology increases the importance of...; Question 180: Which of the following best describes a portfolio?...; Question 181: In effort to save your company money which of the following ...; Question 182: From an information security perspective, information that n...; Question 183: A large number of accounts in a hardened system were suddenl...; Question 184: A severe security threat has been detected on your corporate...; Question 185: What is a difference from the list below between quantitativ...; Question 186: The PRIMARY objective of security awareness is to:...; Question 187: A company wants to fill a Chief Information Security Officer...; Question 188: Scenario: Your organization employs single sign-on (user nam...; Question 189: An information security department is required to remediate ...; Question 190: Which of the following conditions would be the MOST probable...; Question 191: When would it be more desirable to develop a set of decentra...; Question 192: Which of the following is MOST important when dealing with a...; Question 193: Which of the following is a symmetric encryption algorithm?...; Question 194: What is the main purpose of the Incident Response Team?...; Question 195: When you develop your audit remediation plan what is the MOS...; Question 196: What is the relationship between information protection and ...; Question 197: A system was hardened at the Operating System level and plac...; Question 198: Which of the following is the MOST important reason for perf...; Question 199: You have been hired as the Information System Security Offic...; Question 200: Optical biometric recognition such as retina scanning provid...; Question 201: Which of the following international standards can be BEST u...; Question 202: As the new CISO at the company you are reviewing the audit r...; Question 203: A bastion host should be placed:...; Question 204: Which of the following is of MOST importance when security l...; Question 205: A CISO wants to change the defense strategy to ward off atta...

Question 134/205

LEAVE A REPLY

Download PDF File