ExamGecko
Search Search Login
Home Home / ECCouncil / 712-50

ECCouncil 712-50 Practice Test - Questions Answers, Page 3

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity. The performance quality audit activity is done in what project management process group?
To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
When managing the security architecture for your company you must consider:
You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation. Which of the following is NOT documented in the SSP?
A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?

Question 21

Report
Export
Collapse

Which of the following is considered the MOST effective tool against social engineering?

A.
Anti-phishing tools
A.
Anti-phishing tools
Answers
B.
Anti-malware tools
B.
Anti-malware tools
Answers
C.
Effective Security Vulnerability Management Program
C.
Effective Security Vulnerability Management Program
Answers
D.
Effective Security awareness program
D.
Effective Security awareness program
Answers
Suggested answer: D

Question 22

Report
Export
Collapse

When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?

A.
Escalation
A.
Escalation
Answers
B.
Recovery
B.
Recovery
Answers
C.
Eradication
C.
Eradication
Answers
D.
Containment
D.
Containment
Answers
Suggested answer: D

Question 23

Report
Export
Collapse

Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?

A.
Poses a strong technical background
A.
Poses a strong technical background
Answers
B.
Understand all regulations affecting the organization
B.
Understand all regulations affecting the organization
Answers
C.
Understand the business goals of the organization
C.
Understand the business goals of the organization
Answers
D.
Poses a strong auditing background
D.
Poses a strong auditing background
Answers
Suggested answer: C

Question 24

Report
Export
Collapse

In accordance with best practices and international standards, how often is security awareness training provided to employees of an organization?

A.
High risk environments 6 months, low risk environments 12 months
A.
High risk environments 6 months, low risk environments 12 months
Answers
B.
Every 12 months
B.
Every 12 months
Answers
C.
Every 18 months
C.
Every 18 months
Answers
D.
Every six months
D.
Every six months
Answers
Suggested answer: B

Question 25

Report
Export
Collapse

Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization's products and services?

A.
Strong authentication technologies
A.
Strong authentication technologies
Answers
B.
Financial reporting regulations
B.
Financial reporting regulations
Answers
C.
Credit card compliance and regulations
C.
Credit card compliance and regulations
Answers
D.
Local privacy laws
D.
Local privacy laws
Answers
Suggested answer: D

Question 26

Report
Export
Collapse

You have implemented a new security control. Which of the following risk strategy options have you engaged in?

A.
Risk Avoidance
A.
Risk Avoidance
Answers
B.
Risk Acceptance
B.
Risk Acceptance
Answers
C.
Risk Transfer
C.
Risk Transfer
Answers
D.
Risk Mitigation
D.
Risk Mitigation
Answers
Suggested answer: D

Question 27

Report
Export
Collapse

You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

A.
Risk Avoidance
A.
Risk Avoidance
Answers
B.
Risk Acceptance
B.
Risk Acceptance
Answers
C.
Risk Transfer
C.
Risk Transfer
Answers
D.
Risk Mitigation
D.
Risk Mitigation
Answers
Suggested answer: C

Question 28

Report
Export
Collapse

Risk that remains after risk mitigation is known as

A.
Persistent risk
A.
Persistent risk
Answers
B.
Residual risk
B.
Residual risk
Answers
C.
Accepted risk
C.
Accepted risk
Answers
D.
Non-tolerated risk
D.
Non-tolerated risk
Answers
Suggested answer: B

Question 29

Report
Export
Collapse

After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD. This is an example of

A.
Risk Tolerance
A.
Risk Tolerance
Answers
B.
Qualitative risk analysis
B.
Qualitative risk analysis
Answers
C.
Risk Appetite
C.
Risk Appetite
Answers
D.
Quantitative risk analysis
D.
Quantitative risk analysis
Answers
Suggested answer: D

Question 30

Report
Export
Collapse

When dealing with a risk management process, asset classification is important because it will impact the overall:

A.
Threat identification
A.
Threat identification
Answers
B.
Risk monitoring
B.
Risk monitoring
Answers
C.
Risk treatment
C.
Risk treatment
Answers
D.
Risk tolerance
D.
Risk tolerance
Answers
Suggested answer: C
Total 460 questions
Go to page: of 46
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms