Question 1

Which of the following best describes an access control process that confirms the identity of the entity seeking

access to a logical or physical area?

Options :

A : Identification

B : Authorization

C : Authentication

D : Accountability

Answer: B

Question 2

Which of the following is a major benefit of applying risk levels?

Options :

A : Risk management governance becomes easier since most risks remain low once mitigated

B : Resources are not wasted on risks that are already managed to an acceptable level

C : Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology

D : Risk appetite can increase within the organization once the levels are understood

Answer: B

Question 3

An organization is looking for a framework to measure the efficiency and effectiveness of their Information Security Management System. Which of the following international standards can BEST assist this organization?

Options :

A : International Organization for Standardizations -- 27004 (ISO-27004)

B : Payment Card Industry Data Security Standards (PCI-DSS)

C : Control Objectives for Information Technology (COBIT)

D : International Organization for Standardizations -- 27005 (ISO-27005)

Answer: A

Question 4

Physical security measures typically include which of the following components?

Options :

A : Physical, Technical, Operational

B : Technical, Strong Password, Operational

C : Operational, Biometric, Physical

D : Strong password, Biometric, Common Access Card

Answer: A

Question 5

Which of the following is a countermeasure to prevent unauthorized database access from web applications?

Options :

A : Session encryption

B : Removing all stored procedures

C : Input sanitization

D : Library control

Answer: C

Higher Test Marks with Free Online 712-50 Exam Practice

Buying Options: