ExamGecko
Login
Home / ECCouncil / 712-50 / List of questions
Ask Question

ECCouncil 712-50 Practice Test - Questions Answers, Page 2

Add to Whishlist

List of questions

Question 11

Report Export Collapse

Which of the following should be determined while defining risk management strategies?

Organizational objectives and risk tolerance
Organizational objectives and risk tolerance
Risk assessment criteria
Risk assessment criteria
IT architecture complexity
IT architecture complexity
Enterprise disaster recovery plans
Enterprise disaster recovery plans
Suggested answer: A
asked 18/09/2024
Dennis Valencia
41 questions

Question 12

Report Export Collapse

Who in the organization determines access to information?

Legal department
Legal department
Compliance officer
Compliance officer
Data Owner
Data Owner
Information security officer
Information security officer
Suggested answer: C
asked 18/09/2024
Khalfan KAABI
42 questions

Question 13

Report Export Collapse

Which of the following is a benefit of information security governance?

Questioning the trust in vendor relationships.
Questioning the trust in vendor relationships.
Increasing the risk of decisions based on incomplete management information.
Increasing the risk of decisions based on incomplete management information.
Direct involvement of senior management in developing control processes
Direct involvement of senior management in developing control processes
Reduction of the potential for civil and legal liability
Reduction of the potential for civil and legal liability
Suggested answer: D
asked 18/09/2024
Ronald Zegwaard
34 questions

Question 14

Report Export Collapse

Which of the following is the MOST important benefit of an effective security governance process?

Reduction of liability and overall risk to the organization
Reduction of liability and overall risk to the organization
Better vendor management
Better vendor management
Reduction of security breaches
Reduction of security breaches
Senior management participation in the incident response process
Senior management participation in the incident response process
Suggested answer: A
asked 18/09/2024
Ravi Kundu
34 questions

Question 15

Report Export Collapse

The FIRST step in establishing a security governance program is to?

Conduct a risk assessment.
Conduct a risk assessment.
Obtain senior level sponsorship.
Obtain senior level sponsorship.
Conduct a workshop for all end users.
Conduct a workshop for all end users.
Prepare a security budget.
Prepare a security budget.
Suggested answer: B
asked 18/09/2024
Gokul Kalaiselvi Loganathan
52 questions

Question 16

Report Export Collapse

Which of the following has the GREATEST impact on the implementation of an information security governance model?

Organizational budget
Organizational budget
Distance between physical locations
Distance between physical locations
Number of employees
Number of employees
Complexity of organizational structure
Complexity of organizational structure
Suggested answer: D
asked 18/09/2024
Paula Delgado
41 questions

Question 17

Report Export Collapse

From an information security perspective, information that no longer supports the main purpose of the business should be:

assessed by a business impact analysis.
assessed by a business impact analysis.
protected under the information classification policy.
protected under the information classification policy.
analyzed under the data ownership policy.
analyzed under the data ownership policy.
analyzed under the retention policy
analyzed under the retention policy
Suggested answer: D
asked 18/09/2024
Yenziwe Yengwa
49 questions

Question 18

Report Export Collapse

The alerting, monitoring and life-cycle management of security related events is typically handled by the

security threat and vulnerability management process
security threat and vulnerability management process
risk assessment process
risk assessment process
risk management process
risk management process
governance, risk, and compliance tools
governance, risk, and compliance tools
Suggested answer: A
asked 18/09/2024
Andrew Naftel
41 questions

Question 19

Report Export Collapse

One of the MAIN goals of a Business Continuity Plan is to

Ensure all infrastructure and applications are available in the event of a disaster
Ensure all infrastructure and applications are available in the event of a disaster
Allow all technical first-responders to understand their roles in the event of a disaster
Allow all technical first-responders to understand their roles in the event of a disaster
Provide step by step plans to recover business processes in the event of a disaster
Provide step by step plans to recover business processes in the event of a disaster
Assign responsibilities to the technical teams responsible for the recovery of all data.
Assign responsibilities to the technical teams responsible for the recovery of all data.
Suggested answer: C
asked 18/09/2024
rafael Flores
58 questions

Question 20

Report Export Collapse

When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

An independent Governance, Risk and Compliance organization
An independent Governance, Risk and Compliance organization
Alignment of security goals with business goals
Alignment of security goals with business goals
Compliance with local privacy regulations
Compliance with local privacy regulations
Support from Legal and HR teams
Support from Legal and HR teams
Suggested answer: B
asked 18/09/2024
Lionel Fitzgerald Gweth
48 questions
Total 460 questions
Go to page: of 46
Open VPLUS File
Convert VPLUS to PDF

Related questions

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project. The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?
The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy. What is the MOST effective method of risk analysis to provide the CFO with the information required?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?