ExamGecko

ECCouncil 712-50 Practice Test - Questions Answers, Page 24

You are the CISO of a commercial social media organization. The leadership wants to rapidly create new methods of sharing customer data through creative linkages with mobile devices. You have voiced concern about privacy regulations but the velocity of the business is given priority. Which of the following BEST describes this organization?

A. Risk averse
B. Risk tolerant
C. Risk conditional
D. Risk minimal
Suggested answer: B

Knowing the potential financial loss an organization is willing to suffer if a system fails is a determination of which of the following?

A. Cost benefit
B. Risk appetite
C. Business continuity
D. Likelihood of impact
Suggested answer: B

Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?

A. Define the risk appetite
B. Determine budget constraints
C. Review project charters
D. Collaborate security projects
Suggested answer: A

Which of the following is a major benefit of applying risk levels?

A. Risk management governance becomes easier since most risks remain low once mitigated
B. Resources are not wasted on risks that are already managed to an acceptable level
C. Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology
D. Risk appetite can increase within the organization once the levels are understood
Suggested answer: B

Which of the following best summarizes the primary goal of a security program?

A. Provide security reporting to all levels of an organization
B. Create effective security awareness to employees
C. Manage risk within the organization
D. Assure regulatory compliance
Suggested answer: C

Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?

A. Risk Management
B. Risk Assessment
C. System Testing
D. Vulnerability Assessment
Suggested answer: B

Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

A. Risk Assessment
B. Incident Response
C. Risk Management
D. Network Security administration
Suggested answer: C

Which of the following functions evaluates patches used to close software vulnerabilities of new systems to assure compliance with policy when implementing an information security program?

A. System testing
B. Risk assessment
C. Incident response
D. Planning
Suggested answer: A

Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?

A. Security administrators
B. Security managers
C. Security technicians
D. Security analysts
Suggested answer: B

In an effort to save your company money, which of the following methods of training results in the lowest cost for the organization?

A. Distance learning/Web seminars
B. Formal Class
C. One-on-One Training
D. Self-Study (noncomputerized)
Suggested answer: D

Explanation:

Topic 4, Information Security Core Competencies

Total 460 questions