ExamGecko
Login
Home / ECCouncil / 712-50 / List of questions
Ask Question

ECCouncil 712-50 Practice Test - Questions Answers

List of questions

Question 1

Report Export Collapse

When briefing senior management on the creation of a governance process, the MOST important aspect should be:

information security metrics.
information security metrics.
knowledge required to analyze each issue.
knowledge required to analyze each issue.
baseline against which metrics are evaluated.
baseline against which metrics are evaluated.
linkage to business area objectives.
linkage to business area objectives.
Suggested answer: D
asked 18/09/2024
claudine Nguepnang
46 questions

Question 2

Report Export Collapse

Which of the following most commonly falls within the scope of an information security governance steering committee?

Approving access to critical financial systems
Approving access to critical financial systems
Developing content for security awareness programs
Developing content for security awareness programs
Interviewing candidates for information security specialist positions
Interviewing candidates for information security specialist positions
Vetting information security policies
Vetting information security policies
Suggested answer: D
asked 18/09/2024
Amol Wani
48 questions

Question 3

Report Export Collapse

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

Lack of a formal security awareness program
Lack of a formal security awareness program
Lack of a formal security policy governance process
Lack of a formal security policy governance process
Lack of formal definition of roles and responsibilities
Lack of formal definition of roles and responsibilities
Lack of a formal risk management policy
Lack of a formal risk management policy
Suggested answer: B
asked 18/09/2024
Jozsef Stelly
53 questions

Question 4

Report Export Collapse

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

Need to comply with breach disclosure laws
Need to comply with breach disclosure laws
Need to transfer the risk associated with hosting PII data
Need to transfer the risk associated with hosting PII data
Need to better understand the risk associated with using PII data
Need to better understand the risk associated with using PII data
Fiduciary responsibility to safeguard credit card information
Fiduciary responsibility to safeguard credit card information
Suggested answer: C
asked 18/09/2024
Rostyslav Skrypnyk
55 questions

Question 5

Report Export Collapse

Credit card information, medical data, and government records are all examples of:

Confidential/Protected Information
Confidential/Protected Information
Bodily Information
Bodily Information
Territorial Information
Territorial Information
Communications Information
Communications Information
Suggested answer: A
asked 18/09/2024
Tim Pass
39 questions

Question 6

Report Export Collapse

The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:

Contacting the Internet Service Provider for an IP scope
Contacting the Internet Service Provider for an IP scope
Getting authority to operate the system from executive management
Getting authority to operate the system from executive management
Changing the default passwords
Changing the default passwords
Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities
Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities
Suggested answer: B
asked 18/09/2024
Chukwuebuka Ogbonna
46 questions

Question 7

Report Export Collapse

The single most important consideration to make when developing your security program, policies, and processes is:

Budgeting for unforeseen data compromises
Budgeting for unforeseen data compromises
Streamlining for efficiency
Streamlining for efficiency
Alignment with the business
Alignment with the business
Establishing your authority as the Security Executive
Establishing your authority as the Security Executive
Suggested answer: C
asked 18/09/2024
Eduardo Bravo
42 questions

Question 8

Report Export Collapse

An organization's Information Security Policy is of MOST importance because

it communicates management's commitment to protecting information resources
it communicates management's commitment to protecting information resources
it is formally acknowledged by all employees and vendors
it is formally acknowledged by all employees and vendors
it defines a process to meet compliance requirements
it defines a process to meet compliance requirements
it establishes a framework to protect confidential information
it establishes a framework to protect confidential information
Suggested answer: A
asked 18/09/2024
Sara Trela
36 questions

Question 9

Report Export Collapse

Developing effective security controls is a balance between:

Risk Management and Operations
Risk Management and Operations
Corporate Culture and Job Expectations
Corporate Culture and Job Expectations
Operations and Regulations
Operations and Regulations
Technology and Vendor Management
Technology and Vendor Management
Suggested answer: A
asked 18/09/2024
Arkadius Thoma
52 questions

Question 10

Report Export Collapse

The PRIMARY objective for information security program development should be:

Reducing the impact of the risk to the business.
Reducing the impact of the risk to the business.
Establishing strategic alignment with bunsiness continuity requirements
Establishing strategic alignment with bunsiness continuity requirements
Establishing incident response programs.
Establishing incident response programs.
Identifying and implementing the best security solutions.
Identifying and implementing the best security solutions.
Suggested answer: A
asked 18/09/2024
Joseph Varghese
43 questions
Total 460 questions
Go to page: of 46
Open VPLUS File
Convert VPLUS to PDF

Related questions

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project. The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?
The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy. What is the MOST effective method of risk analysis to provide the CFO with the information required?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?