ExamGecko
Search Search Login
Home Home / ECCouncil / 712-50

ECCouncil 712-50 Practice Test - Questions Answers, Page 14

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity. The performance quality audit activity is done in what project management process group?
You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation. Which of the following is NOT documented in the SSP?
To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
When managing the security architecture for your company you must consider:
A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?

Question 131

Report
Export
Collapse

In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

A.
Internal Audit
A.
Internal Audit
Answers
B.
Database Administration
B.
Database Administration
Answers
C.
Information Security
C.
Information Security
Answers
D.
Compliance
D.
Compliance
Answers
Suggested answer: C

Question 132

Report
Export
Collapse

At which point should the identity access management team be notified of the termination of an employee?

A.
At the end of the day once the employee is off site
A.
At the end of the day once the employee is off site
Answers
B.
During the monthly review cycle
B.
During the monthly review cycle
Answers
C.
Immediately so the employee account(s) can be disabled
C.
Immediately so the employee account(s) can be disabled
Answers
D.
Before an audit
D.
Before an audit
Answers
Suggested answer: C

Question 133

Report
Export
Collapse

To have accurate and effective information security policies how often should the CISO review the organization policies?

A.
Every 6 months
A.
Every 6 months
Answers
B.
Quarterly
B.
Quarterly
Answers
C.
Before an audit
C.
Before an audit
Answers
D.
At least once a year
D.
At least once a year
Answers
Suggested answer: D

Question 134

Report
Export
Collapse

How often should an environment be monitored for cyber threats, risks, and exposures?

A.
Weekly
A.
Weekly
Answers
B.
Monthly
B.
Monthly
Answers
C.
Quarterly
C.
Quarterly
Answers
D.
Daily
D.
Daily
Answers
Suggested answer: D

Question 135

Report
Export
Collapse

Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

A.
Application logs
A.
Application logs
Answers
B.
File integrity monitoring
B.
File integrity monitoring
Answers
C.
SNMP traps
C.
SNMP traps
Answers
D.
Syslog
D.
Syslog
Answers
Suggested answer: B

Question 136

Report
Export
Collapse

When working in the Payment Card Industry (PCI), how often should security logs be review to comply with the standards?

A.
Daily
A.
Daily
Answers
B.
Hourly
B.
Hourly
Answers
C.
Weekly
C.
Weekly
Answers
D.
Monthly
D.
Monthly
Answers
Suggested answer: A

Question 137

Report
Export
Collapse

Which represents PROPER separation of duties in the corporate environment?

A.
Information Security and Identity Access Management teams perform two distinct functions
A.
Information Security and Identity Access Management teams perform two distinct functions
Answers
B.
Developers and Network teams both have admin rights on servers
B.
Developers and Network teams both have admin rights on servers
Answers
C.
Finance has access to Human Resources data
C.
Finance has access to Human Resources data
Answers
D.
Information Security and Network teams perform two distinct functions
D.
Information Security and Network teams perform two distinct functions
Answers
Suggested answer: D

Question 138

Report
Export
Collapse

Creating good security metrics is essential for a CISO. What would be the BEST sources for creating security metrics for baseline defenses coverage?

A.
Servers, routers, switches, modem
A.
Servers, routers, switches, modem
Answers
B.
Firewall, exchange, web server, intrusion detection system (IDS)
B.
Firewall, exchange, web server, intrusion detection system (IDS)
Answers
C.
Firewall, anti-virus console, IDS, syslog
C.
Firewall, anti-virus console, IDS, syslog
Answers
D.
IDS, syslog, router, switches
D.
IDS, syslog, router, switches
Answers
Suggested answer: C

Question 139

Report
Export
Collapse

Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

A.
All vulnerabilities found on servers and desktops
A.
All vulnerabilities found on servers and desktops
Answers
B.
Only critical and high vulnerabilities on servers and desktops
B.
Only critical and high vulnerabilities on servers and desktops
Answers
C.
Only critical and high vulnerabilities that impact important production servers
C.
Only critical and high vulnerabilities that impact important production servers
Answers
D.
All vulnerabilities that impact important production servers
D.
All vulnerabilities that impact important production servers
Answers
Suggested answer: C

Question 140

Report
Export
Collapse

When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

A.
Transfer financial resources from other critical programs
A.
Transfer financial resources from other critical programs
Answers
B.
Take the system off line until the budget is available
B.
Take the system off line until the budget is available
Answers
C.
Deploy countermeasures and compensating controls until the budget is available
C.
Deploy countermeasures and compensating controls until the budget is available
Answers
D.
Schedule an emergency meeting and request the funding to fix the issue
D.
Schedule an emergency meeting and request the funding to fix the issue
Answers
Suggested answer: C
Total 460 questions
Go to page: of 46
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms