ExamGecko
Login
Home / ECCouncil / 712-50 / List of questions
Ask Question

ECCouncil 712-50 Practice Test - Questions Answers, Page 10

Add to Whishlist

List of questions

Question 91

Report Export Collapse

What is the BEST way to achieve on-going compliance monitoring in an organization?

Only check compliance right before the auditors are scheduled to arrive onsite.
Only check compliance right before the auditors are scheduled to arrive onsite.
Outsource compliance to a 3rd party vendor and let them manage the program.
Outsource compliance to a 3rd party vendor and let them manage the program.
Have Compliance and Information Security partner to correct issues as they arise.
Have Compliance and Information Security partner to correct issues as they arise.
Have Compliance direct Information Security to fix issues after the auditors report.
Have Compliance direct Information Security to fix issues after the auditors report.
Suggested answer: C
asked 18/09/2024
Vijay Khara
51 questions

Question 92

Report Export Collapse

Which of the following is the MOST important for a CISO to understand when identifying threats?

Become a Premium Member for full access
  Unlock Premium Member

Question 93

Report Export Collapse

Which of the following are the MOST important factors for proactively determining system vulnerabilities?

Become a Premium Member for full access
  Unlock Premium Member

Question 94

Report Export Collapse

What role should the CISO play in properly scoping a PCI environment?

Become a Premium Member for full access
  Unlock Premium Member

Question 95

Report Export Collapse

What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?

Become a Premium Member for full access
  Unlock Premium Member

Question 96

Report Export Collapse

What is the SECOND step to creating a risk management methodology according to the National Institute of Standards and Technology (NIST) SP 800-30 standard?

Become a Premium Member for full access
  Unlock Premium Member

Question 97

Report Export Collapse

According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

Become a Premium Member for full access
  Unlock Premium Member

Question 98

Report Export Collapse

Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

Become a Premium Member for full access
  Unlock Premium Member

Question 99

Report Export Collapse

When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?

Become a Premium Member for full access
  Unlock Premium Member

Question 100

Report Export Collapse

The regular review of a firewall ruleset is considered a

Become a Premium Member for full access
  Unlock Premium Member
Total 460 questions
Go to page: of 46
Open VPLUS File
Convert VPLUS to PDF

Related questions

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project. The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?
The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy. What is the MOST effective method of risk analysis to provide the CFO with the information required?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?