ExamGecko
Search Search Login
Home Home / ECCouncil / 712-50

ECCouncil 712-50 Practice Test - Questions Answers, Page 38

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity. The performance quality audit activity is done in what project management process group?
You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation. Which of the following is NOT documented in the SSP?
To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
When managing the security architecture for your company you must consider:
A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?

Question 371

Report
Export
Collapse

A large number of accounts in a hardened system were suddenly compromised to an external party.

Which of the following is the MOST probable threat actor involved in this incident?

A.
Poorly configured firewalls
A.
Poorly configured firewalls
Answers
B.
Malware
B.
Malware
Answers
C.
Advanced Persistent Threat (APT)
C.
Advanced Persistent Threat (APT)
Answers
D.
An insider
D.
An insider
Answers
Suggested answer: D

Question 372

Report
Export
Collapse

Which of the following defines the boundaries and scope of a risk assessment?

A.
The risk assessment schedule
A.
The risk assessment schedule
Answers
B.
The risk assessment framework
B.
The risk assessment framework
Answers
C.
The risk assessment charter
C.
The risk assessment charter
Answers
D.
The assessment context
D.
The assessment context
Answers
Suggested answer: B

Explanation:

Reference: https://cfocussoftware.com/risk-management-framework/know-your-boundary/

Question 373

Report
Export
Collapse

Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker group was able to get into the network and modify files hosted on the company's website. After searching through the firewall and server logs, no one could find how the attackers were able to get in. He decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts administrators when a critical file is altered. What tool could Simon and his administrators implement to accomplish this?

A.
They need to use Nessus.
A.
They need to use Nessus.
Answers
B.
They can implement Wireshark.
B.
They can implement Wireshark.
Answers
C.
Snort is the best tool for their situation.
C.
Snort is the best tool for their situation.
Answers
D.
They could use Tripwire.
D.
They could use Tripwire.
Answers
Suggested answer: C

Explanation:

Reference: https://searchnetworking.techtarget.com/definition/Snort

Question 374

Report
Export
Collapse

Which of the following is true regarding expenditures?

A.
Capital expenditures are never taxable
A.
Capital expenditures are never taxable
Answers
B.
Operating expenditures are for acquiring assets, capital expenditures are for support costs of that asset
B.
Operating expenditures are for acquiring assets, capital expenditures are for support costs of that asset
Answers
C.
Capital expenditures are used to define depreciation tables of intangible assets
C.
Capital expenditures are used to define depreciation tables of intangible assets
Answers
D.
Capital expenditures are for acquiring assets, whereas operating expenditures are for support costs of that asset
D.
Capital expenditures are for acquiring assets, whereas operating expenditures are for support costs of that asset
Answers
Suggested answer: D

Question 375

Report
Export
Collapse

At what level of governance are individual projects monitored and managed?

A.
Program
A.
Program
Answers
B.
Milestone
B.
Milestone
Answers
C.
Enterprise
C.
Enterprise
Answers
D.
Portfolio
D.
Portfolio
Answers
Suggested answer: D

Question 376

Report
Export
Collapse

A digital signature addresses which of the following concerns?

A.
Message alteration
A.
Message alteration
Answers
B.
Message copying
B.
Message copying
Answers
C.
Message theft
C.
Message theft
Answers
D.
Unauthorized reading
D.
Unauthorized reading
Answers
Suggested answer: A

Explanation:

Reference: https://www.entrust.com/resources/certificate-solutions/learn/digital-signatures

Question 377

Report
Export
Collapse

What are the three stages of an identity and access management system?

A.
Authentication, Authorize, Validation
A.
Authentication, Authorize, Validation
Answers
B.
Provision, Administration, Enforcement
B.
Provision, Administration, Enforcement
Answers
C.
Administration, Validation, Protect
C.
Administration, Validation, Protect
Answers
D.
Provision, Administration, Authentication
D.
Provision, Administration, Authentication
Answers
Suggested answer: A

Explanation:

Reference: https://digitalguardian.com/blog/what-identity-and-access-management-iam

Question 378

Report
Export
Collapse

During the last decade, what trend has caused the MOST serious issues in relation to physical security?

A.
Data is more portable due to the increased use of smartphones and tablets
A.
Data is more portable due to the increased use of smartphones and tablets
Answers
B.
The move from centralized computing to decentralized computing
B.
The move from centralized computing to decentralized computing
Answers
C.
Camera systems have become more economical and expanded in their use
C.
Camera systems have become more economical and expanded in their use
Answers
D.
The internet of Things allows easy compromise of cloud-based systems
D.
The internet of Things allows easy compromise of cloud-based systems
Answers
Suggested answer: A

Question 379

Report
Export
Collapse

Which of the following is the MOST important reason for performing assessments of the security portfolio?

A.
To assure that the portfolio is aligned to the needs of the broader organization
A.
To assure that the portfolio is aligned to the needs of the broader organization
Answers
B.
To create executive support of the portfolio
B.
To create executive support of the portfolio
Answers
C.
To discover new technologies and processes for implementation within the portfolio
C.
To discover new technologies and processes for implementation within the portfolio
Answers
D.
To provide independent 3rd party reviews of security effectiveness
D.
To provide independent 3rd party reviews of security effectiveness
Answers
Suggested answer: A

Question 380

Report
Export
Collapse

Which of the following terms is used to describe countermeasures implemented to minimize risks to physical property, information, and computing systems?

A.
Security frameworks
A.
Security frameworks
Answers
B.
Security policies
B.
Security policies
Answers
C.
Security awareness
C.
Security awareness
Answers
D.
Security controls
D.
Security controls
Answers
Suggested answer: D

Explanation:

Reference: https://www.ibm.com/cloud/learn/security-controls

Total 460 questions
Go to page: of 46
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms