
ECCouncil 712-50 Practice Test - Questions Answers, Page 39

Which of the following best describes an access control process that confirms the identity of the entity seeking access to a logical or physical area?

A. Identification
B. Authorization
C. Authentication
D. Accountability
Suggested answer: B

As the Chief Information Security Officer, you are performing an assessment of security posture to understand what your Defense-in-Depth capabilities are. Which network security technology examines network traffic flows to detect and actively stop vulnerability exploits and attacks?

A. Gigamon
B. Intrusion Prevention System
C. Port Security
D. Anti-virus
Suggested answer: B

Explanation:

Reference: https://searchsecurity.techtarget.com/definition/intrusion-prevention

Michael starts a new job and discovers that he has unnecessary access to a variety of systems. Which of the following best describes the problem he has encountered?

A. Rights collision
B. Excessive privileges
C. Privilege creep
D. Least privileges
Suggested answer: B

Which of the following best describes the sensors designed to project and detect a light beam across an area?

A. Smoke
B. Thermal
C. Air-aspirating
D. Photoelectric
Suggested answer: D

Explanation:

Reference: https://en.wikipedia.org/wiki/Photoelectric_sensor

As the Chief Information Security Officer, you want to ensure data is shared securely, especially when shared with third parties outside the organization. What protocol provides the ability to extend the network perimeter with the use of encapsulation and encryption?

A. File Transfer Protocol (FTP)
B. Virtual Local Area Network (VLAN)
C. Simple Mail Transfer Protocol
D. Virtual Private Network (VPN)
Suggested answer: D

Explanation:

Reference: https://searchnetworking.techtarget.com/definition/virtual-private-network

As the CISO, you have been tasked with the execution of the company's key management program.

You MUST ensure the integrity of encryption keys at the point of generation. Which principle of encryption key control will ensure no single individual can constitute or re-constitute a key?

A. Dual Control
B. Separation of Duties
C. Split Knowledge
D. Least Privilege
Suggested answer: A

Explanation:

Reference: https://info.townsendsecurity.com/bid/23881/PCI-DSS-2-0-and-Encryption-Key-Management

What is one key difference between Capital expenditures and Operating expenditures?

A. Operating expense cannot be written off while Capital expense can
B. Operating expenses can be depreciated over time and Capital expenses cannot
C. Capital expenses cannot include salaries and Operating expenses can
D. Capital expenditures allow for the cost to be depreciated over time and Operating does not
Suggested answer: C

Which of the following is used to lure attackers into false environments so they can be monitored, contained, or blocked from reaching critical systems?

A. Segmentation controls.
B. Shadow applications.
C. Deception technology.
D. Vulnerability management.
Suggested answer: B

Which of the following is an accurate description of a balance sheet?

A. The percentage of earnings that are retained by the organization for reinvestment in the business
B. The details of expenses and revenue over a long period of time
C. A summarized statement of all assets and liabilities at a specific point in time
D. A review of regulations and requirements impacting the business from a financial perspective
Suggested answer: C

A CISO wants to change the defense strategy to ward off attackers. To accomplish this the CISO is looking to a strategy where attackers are lured into a zone of a safe network where attackers can be monitored, controlled, quarantined, or eradicated.

A. Moderate investment
B. Passive monitoring
C. Integrated security controls
D. Dynamic deception
Suggested answer: D
Total 460 questions