ExamGecko

ECCouncil 712-50 Practice Test - Questions Answers, Page 2

Which of the following should be determined while defining risk management strategies?

A. Organizational objectives and risk tolerance
B. Risk assessment criteria
C. IT architecture complexity
D. Enterprise disaster recovery plans
Suggested answer: A

Who in the organization determines access to information?

A. Legal department
B. Compliance officer
C. Data Owner
D. Information security officer
Suggested answer: C

Which of the following is a benefit of information security governance?

A. Questioning the trust in vendor relationships.
B. Increasing the risk of decisions based on incomplete management information.
C. Direct involvement of senior management in developing control processes
D. Reduction of the potential for civil and legal liability
Suggested answer: D

Which of the following is the MOST important benefit of an effective security governance process?

A. Reduction of liability and overall risk to the organization
B. Better vendor management
C. Reduction of security breaches
D. Senior management participation in the incident response process
Suggested answer: A

The FIRST step in establishing a security governance program is to?

A. Conduct a risk assessment.
B. Obtain senior level sponsorship.
C. Conduct a workshop for all end users.
D. Prepare a security budget.
Suggested answer: B

Which of the following has the GREATEST impact on the implementation of an information security governance model?

A. Organizational budget
B. Distance between physical locations
C. Number of employees
D. Complexity of organizational structure
Suggested answer: D

From an information security perspective, information that no longer supports the main purpose of the business should be:

A. assessed by a business impact analysis.
B. protected under the information classification policy.
C. analyzed under the data ownership policy.
D. analyzed under the retention policy
Suggested answer: D

The alerting, monitoring and life-cycle management of security related events is typically handled by the

A. security threat and vulnerability management process
B. risk assessment process
C. risk management process
D. governance, risk, and compliance tools
Suggested answer: A

One of the MAIN goals of a Business Continuity Plan is to

A. Ensure all infrastructure and applications are available in the event of a disaster
B. Allow all technical first-responders to understand their roles in the event of a disaster
C. Provide step by step plans to recover business processes in the event of a disaster
D. Assign responsibilities to the technical teams responsible for the recovery of all data.
Suggested answer: C

When managing an Information Security Program, which of the following is of MOST importance in order to influence the culture of an organization?

A. An independent Governance, Risk and Compliance organization
B. Alignment of security goals with business goals
C. Compliance with local privacy regulations
D. Support from Legal and HR teams
Suggested answer: B
Total 460 questions