ExamGecko
Search Search Login
Home Home / ECCouncil / 712-50

ECCouncil 712-50 Practice Test - Questions Answers, Page 35

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity. The performance quality audit activity is done in what project management process group?
You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation. Which of the following is NOT documented in the SSP?
To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
When managing the security architecture for your company you must consider:
A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?

Question 341

Report
Export
Collapse

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.

Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.

A.
Security Guards posted outside the Data Center
A.
Security Guards posted outside the Data Center
Answers
B.
Data Loss Prevention (DLP)
B.
Data Loss Prevention (DLP)
Answers
C.
Rigorous syslog reviews
C.
Rigorous syslog reviews
Answers
D.
Intrusion Detection Systems (IDS)
D.
Intrusion Detection Systems (IDS)
Answers
Suggested answer: B

Question 342

Report
Export
Collapse

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

How can you reduce the administrative burden of distributing symmetric keys for your employer?

A.
Use asymmetric encryption for the automated distribution of the symmetric key
A.
Use asymmetric encryption for the automated distribution of the symmetric key
Answers
B.
Use a self-generated key on both ends to eliminate the need for distribution
B.
Use a self-generated key on both ends to eliminate the need for distribution
Answers
C.
Use certificate authority to distribute private keys
C.
Use certificate authority to distribute private keys
Answers
D.
Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it
D.
Symmetrically encrypt the key and then use asymmetric encryption to unencrypt it
Answers
Suggested answer: A

Question 343

Report
Export
Collapse

Scenario: Your company has many encrypted telecommunications links for their world-wide operations. Physically distributing symmetric keys to all locations has proven to be administratively burdensome, but symmetric keys are preferred to other alternatives.

Symmetric encryption in general is preferable to asymmetric encryption when:

A.
The number of unique communication links is large
A.
The number of unique communication links is large
Answers
B.
The volume of data being transmitted is small
B.
The volume of data being transmitted is small
Answers
C.
The speed of the encryption / deciphering process is essential
C.
The speed of the encryption / deciphering process is essential
Answers
D.
The distance to the end node is farthest away
D.
The distance to the end node is farthest away
Answers
Suggested answer: C

Question 344

Report
Export
Collapse

Which type of physical security control scan a person's external features through a digital video camera before granting access to a restricted area?

A.
Iris scan
A.
Iris scan
Answers
B.
Retinal scan
B.
Retinal scan
Answers
C.
Facial recognition scan
C.
Facial recognition scan
Answers
D.
Signature kinetics scan
D.
Signature kinetics scan
Answers
Suggested answer: C

Question 345

Report
Export
Collapse

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

A.
Post a sign that states, "no tailgating" next to the special card reader adjacent to the secure door
A.
Post a sign that states, "no tailgating" next to the special card reader adjacent to the secure door
Answers
B.
Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card
B.
Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card
Answers
C.
Educate and enforce physical security policies of the company to all the employees on a regular basis
C.
Educate and enforce physical security policies of the company to all the employees on a regular basis
Answers
D.
Setup a mock video camera next to the special card reader adjacent to the secure door
D.
Setup a mock video camera next to the special card reader adjacent to the secure door
Answers
Suggested answer: C

Question 346

Report
Export
Collapse

Which type of scan is used on the eye to measure the layer of blood vessels?

A.
Facial recognition scan
A.
Facial recognition scan
Answers
B.
Iris scan
B.
Iris scan
Answers
C.
Signature kinetics scan
C.
Signature kinetics scan
Answers
D.
Retinal scan
D.
Retinal scan
Answers
Suggested answer: D

Question 347

Report
Export
Collapse

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company's building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows the employee behind to get into the restricted are a. Which type of attack did the consultant perform?

A.
Shoulder surfing
A.
Shoulder surfing
Answers
B.
Tailgating
B.
Tailgating
Answers
C.
Social engineering
C.
Social engineering
Answers
D.
Mantrap
D.
Mantrap
Answers
Suggested answer: B

Question 348

Report
Export
Collapse

Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project.

The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project.

What will be the first project management document that Smith should change in order to accommodate additional communication channels?

A.
WBS document
A.
WBS document
Answers
B.
Scope statement
B.
Scope statement
Answers
C.
Change control document
C.
Change control document
Answers
D.
Risk management plan
D.
Risk management plan
Answers
Suggested answer: A

Question 349

Report
Export
Collapse

If the result of an NPV is positive, then the project should be selected. The net present value shows the present value of the project, based on the decisions taken for its selection. What is the net present value equal to?

A.
Net profit – per capita income
A.
Net profit – per capita income
Answers
B.
Total investment – Discounted cash
B.
Total investment – Discounted cash
Answers
C.
Average profit – Annual investment
C.
Average profit – Annual investment
Answers
D.
Initial investment – Future value
D.
Initial investment – Future value
Answers
Suggested answer: C

Question 350

Report
Export
Collapse

If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization. How would you prevent such type of attacks?

A.
Conduct thorough background checks before you engage them
A.
Conduct thorough background checks before you engage them
Answers
B.
Hire the people through third-party job agencies who will vet them for you
B.
Hire the people through third-party job agencies who will vet them for you
Answers
C.
Investigate their social networking profiles
C.
Investigate their social networking profiles
Answers
D.
It is impossible to block these attacks
D.
It is impossible to block these attacks
Answers
Suggested answer: A
Total 460 questions
Go to page: of 46
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms