Question 1

A security manager regualrly checks work areas after buisness hours for security violations; such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?

Options :

A : Audit validation

B : Physical control testing

C : Compliance management

D : Security awareness training

Answer: C

Question 2

Which of the following are primary concerns for management with regard to assessing internal control objectives?

Options :

A : Confidentiality, Availability, Integrity

B : Compliance, Effectiveness, Efficiency

C : Communication, Reliability, Cost

D : Confidentiality, Compliance, Cost

Answer: B

Question 3

Which of the following is an accurate description of a balance sheet?

Options :

A : The percentage of earnings that are retained by the organization for reinvestment in the business

B : The details of expenses and revenue over a long period of time

C : A summarized statement of all assets and liabilities at a specific point in time

D : A review of regulations and requirements impacting the business from a financial perspective

Answer: C

Question 4

When entering into a third party vendor agreement for security services, at what point in the process is it BEST to understand and validate the security posture and compliance level of the vendor?

Options :

A : At the time the security services are being performed and the vendor needs access to the network

B : Once the agreement has been signed and the security vendor states that they will need access to the network

C : Once the vendor is on premise and before they perform security services

D : Prior to signing the agreement and before any security services are being performed

Answer: D

Question 5

Which business stakeholder is accountable for the integrity of a new information system?

Options :

A : CISO

B : Compliance Officer

C : Project manager

D : Board of directors

Answer: A

Smartly Prepare Exam with Free Online 712-50 Practice Test

Buying Options: