Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and dat a. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.Recently, members of your organization have been targeted through a number of sophisticated phishing attempts and have compromised their system credentials. What action can you take to prevent the misuse of compromised credentials to change bank account information from outside your organization while still allowing employees to manage their bank information?

Block access to the Employee-Self Service application via VPN

Turn off VPN access for users originating from outside the country

Enable monitoring on the VPN for suspicious activity

Force a change of all passwords

Block access to the Employee-Self Service application via VPN

Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and dat a. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.The organization wants a more permanent solution to the threat to user credential compromise through phishing. What technical solution would BEST address this issue?

Multi-factor authentication employing hard tokens

Professional user education on phishing conducted by a reputable vendor

Multi-factor authentication employing hard tokens

Forcing password changes every 90 days

Decreasing the number of employees with administrator privileges

SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization's needs.What is the MOST logical course of action the CISO should take?

Review the original solution set to determine if another system would fit the organization's risk appetite and budget regulatory compliance requirements

Continue with the implementation and submit change requests to the vendor in order to ensure required functionality will be provided when needed

Continue with the project until the scalability issue is validated by others, such as an auditor or third party assessor

Cancel the project if the business need was based on internal requirements versus regulatory compliance requirements

SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization's needs.The CISO is unsure of the information provided and orders a vendor proof of concept to validate the system's scalability. This demonstrates which of the following?

A risk-based approach to determine if the solution is suitable for investment

An approach that allows for minimum budget impact if the solution is unsuitable

A methodology-based approach to ensure authentication mechanism functions

An approach providing minimum time impact to the implementation schedules

A risk-based approach to determine if the solution is suitable for investment

SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product it is not as scalable as originally thought and will not fit the organization's needs.The CISO discovers the scalability issue will only impact a small number of network segments. What is the next logical step to ensure the proper application of risk management methodology within the two-facto implementation project?

Determine if sufficient mitigating controls can be applied

Create new use cases for operational use of the solution

Determine if sufficient mitigating controls can be applied

Decide to accept the risk on behalf of the impacted business units

Report the deficiency to the audit team and create process exceptions

Scenario: As you begin to develop the program for your organization, you assess the corporate culture and determine that there is a pervasive opinion that the security program only slows things down and limits the performance of the "real workers." What must you do first in order to shift the prevailing opinion and reshape corporate culture to understand the value of information security to the organization?

Understand the business and focus your efforts on enabling operations securely

Cite compliance with laws, statutes, and regulations – explaining the financial implications for the company for non-compliance

Understand the business and focus your efforts on enabling operations securely

Draw from your experience and recount stories of how other companies have been compromised

Cite corporate policy and insist on compliance with audit findings

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agend a.The CISO has been able to implement a number of technical controls and is able to influence the Information Technology teams but has not been able to influence the rest of the organization. From an organizational perspective, which of the following is the LIKELY reason for this?

The CISO reports to the IT organization

The CISO does not report directly to the CEO of the organization

The CISO reports to the IT organization

The CISO has not implemented a policy management framework

The CISO has not implemented a security awareness program

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

Lack of influence with leaders outside IT

Lack of identification of technology stake holders

Lack of business continuity process

Lack of influence with leaders outside IT

Lack of a security awareness program

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO's approach to security?

Lack of risk management process

Lack of sponsorship from executive management

Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and way over budget.Which of the following will be most helpful for getting an Information Security project that is behind schedule back on schedule?

More frequent project milestone meetings

You are just hired as the new CISO and are being briefed on all the Information Security projects that your section has on going. You discover that most projects are behind schedule and over budget.Using the best business practices for project management you determine that the project correct aligns with the company goals. What needs to be verified FIRST?

Training of the personnel on the project

Timeline of the project milestones

The new CISO was informed of all the Information Security projects that the organization has in progress. Two projects are over a year behind schedule and over budget. Using best business practices for project management you determine that the project correctly aligns with the company goals.Which of the following needs to be performed NEXT?

Verify the scope of the project

Verify the regulatory requirements

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.What action should you take FIRST?

Consult with other C-Level executives to develop an action plan

Destroy the repository of stolen data

Contact your local law enforcement agency

Consult with other C-Level executives to develop an action plan

Contract with a credit reporting company for paid monitoring services for affected customers

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.

Security Guards posted outside the Data Center

Intrusion Detection Systems (IDS)

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.How can you reduce the administrative burden of distributing symmetric keys for your employer?

Use asymmetric encryption for the automated distribution of the symmetric key

Use a self-generated key on both ends to eliminate the need for distribution

Use certificate authority to distribute private keys

Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.Symmetric encryption in general is preferable to asymmetric encryption when:

The speed of the encryption / deciphering process is essential

The number of unique communication links is large

The volume of data being transmitted is small

The speed of the encryption / deciphering process is essential

The distance to the end node is farthest away

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

Educate and enforce physical security policies of the company to all the employees on a regular basis

Post a sign that states, "no tailgating" next to the special card reader adjacent to the secure door

Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card

Educate and enforce physical security policies of the company to all the employees on a regular basis

Setup a mock video camera next to the special card reader adjacent to the secure door

If the result of an NPV is positive, then the project should be selected. The net present value shows the present value of the project, based on the decisions taken for its selection. What is the net present value equal to?

Average profit – Annual investment

Net profit – per capita income

Total investment – Discounted cash

Average profit – Annual investment

Initial investment – Future value

If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization. How would you prevent such type of attacks?

Conduct thorough background checks before you engage them

Hire the people through third-party job agencies who will vet them for you

Investigate their social networking profiles

It is impossible to block these attacks

A CISO decides to analyze the IT infrastructure to ensure security solutions adhere to the concepts of how hardware and software is implemented and managed within the organization. Which of the following principles does this best demonstrate?

Create a comprehensive security awareness program and provide success metrics to business units

Effective use of existing technologies

Create a comprehensive security awareness program and provide success metrics to business units

Leveraging existing implementations

Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO's approach to security?

Lack of risk management process

Lack of sponsorship from executive management

Using the Transport Layer Security (TLS) protocol enables a client in a network to be:

Assured of the server's identity

Provided with a digital signature

Assured of the server's identity

Which of the following is the MOST logical method of deploying security controls within an organization?

Apply the simpler controls as quickly as possible and use a risk-based approach for the more difficult and costly controls

Obtain funding for all desired controls and then create project plans for implementation

Apply the simpler controls as quickly as possible and use a risk-based approach for the more difficult and costly controls

Apply the least costly controls to demonstrate positive program activity

Obtain business unit buy-in through close communication and coordination

Where does bottom-up financial planning primarily gain information for creating budgets?

By adding all planned operational expenses per quarter then summarizing them in a budget request

By adding all capital and operational costs from the prior budgetary cycle, and determining potential financial shortages

By reviewing last year's program-level costs and adding a percentage of expected additional portfolio costs

By adding the cost of all known individual tasks and projects that are planned for the next budgetary cycle

By adding all planned operational expenses per quarter then summarizing them in a budget request

Which of the following best describes revenue?

The economic benefit derived by operating a business

Non-operating financial liabilities minus expenses

The true profit-making potential of an organization

The sum value of all assets and cash flow into the business

The economic benefit derived by operating a business

Which of the following is the MOST effective method for discovering common technical vulnerabilities within the IT environment?

Reviewing system administrator logs

Auditing configuration templates

Checking vendor product releases

ECCouncil 712-50 Practice Test 9 - Free Online Exam Prep & Questions

Scenario: You are the CISO and have just completed your first risk assessment for your organization.

You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.

When formulating the remediation plan, what is a required input?

Become a Premium Member for full access

Unlock Premium Member

ECCouncil 712-50 Practice Test 9

Question

ECCouncil 712-50 Practice Tests

Practice Tests