ExamGecko
Search Search Login
Home Home / ECCouncil / 712-50

ECCouncil 712-50 Practice Test - Questions Answers, Page 40

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?
As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity. The performance quality audit activity is done in what project management process group?
You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation. Which of the following is NOT documented in the SSP?
To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
When managing the security architecture for your company you must consider:
A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?

Question 391

Report
Export
Collapse

What is the difference between encryption and tokenization?

A.
Tokenization combined with hashing is always better than encryption
A.
Tokenization combined with hashing is always better than encryption
Answers
B.
Encryption can be mathematically reversed to provide the original information
B.
Encryption can be mathematically reversed to provide the original information
Answers
C.
The token contains the all original information
C.
The token contains the all original information
Answers
D.
Tokenization can be mathematically reversed to provide the original information
D.
Tokenization can be mathematically reversed to provide the original information
Answers
Suggested answer: B

Explanation:

Reference: http://library.ahima.org/doc?oid=104090#.X_dwWolR3eQ

Question 392

Report
Export
Collapse

Which of the following information would MOST likely be reported at the board-level within an organization?

A.
System scanning trends and results as they pertain to insider and external threat sources
A.
System scanning trends and results as they pertain to insider and external threat sources
Answers
B.
The capabilities of a security program in terms of staffing support
B.
The capabilities of a security program in terms of staffing support
Answers
C.
Significant risks and security incidents that have been discovered since the last assembly of the membership
C.
Significant risks and security incidents that have been discovered since the last assembly of the membership
Answers
D.
The numbers and types of cyberattacks experienced by the organization since the last assembly of the membership
D.
The numbers and types of cyberattacks experienced by the organization since the last assembly of the membership
Answers
Suggested answer: C

Question 393

Report
Export
Collapse

Which technology can provide a computing environment without requiring a dedicated hardware backend?

A.
Mainframe server
A.
Mainframe server
Answers
B.
Virtual Desktop
B.
Virtual Desktop
Answers
C.
Thin client
C.
Thin client
Answers
D.
Virtual Local Area Network
D.
Virtual Local Area Network
Answers
Suggested answer: B

Question 394

Report
Export
Collapse

What process defines the framework of rules and practices by which a board of directors ensure accountability, fairness and transparency in an organization's relationship with its shareholders?

A.
Internal Audit
A.
Internal Audit
Answers
B.
Corporate governance
B.
Corporate governance
Answers
C.
Risk Oversight
C.
Risk Oversight
Answers
D.
Key Performance Indicators
D.
Key Performance Indicators
Answers
Suggested answer: B

Explanation:

Reference: https://www.igi-global.com/dictionary/corporate-governance/5957

Question 395

Report
Export
Collapse

As the Business Continuity Coordinator of a financial services organization, you are responsible for ensuring assets are recovered timely in the event of a disaster. Which is the BEST Disaster Recovery performance indicator to validate that you are prepared for a disaster?

A.
Recovery Point Objective (RPO)
A.
Recovery Point Objective (RPO)
Answers
B.
Disaster Recovery Plan
B.
Disaster Recovery Plan
Answers
C.
Recovery Time Objective (RTO)
C.
Recovery Time Objective (RTO)
Answers
D.
Business Continuity Plan
D.
Business Continuity Plan
Answers
Suggested answer: D

Explanation:

Reference: https://www.resolver.com/resource/bcdr-metrics-that-matter/

Question 396

Report
Export
Collapse

What are the three hierarchically related aspects of strategic planning and in which order should they be done?

A.
1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or information security strategic planning
A.
1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or information security strategic planning
Answers
B.
1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information technology strategic planning
B.
1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information technology strategic planning
Answers
C.
1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or information security strategic planning
C.
1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or information security strategic planning
Answers
D.
1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information technology strategic planning
D.
1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information technology strategic planning
Answers
Suggested answer: D

Question 397

Report
Export
Collapse

Which regulation or policy governs protection of personally identifiable user data gathered during a cyber investigation?

A.
ITIL
A.
ITIL
Answers
B.
Privacy Act
B.
Privacy Act
Answers
C.
Sarbanes Oxley
C.
Sarbanes Oxley
Answers
D.
PCI-DSS
D.
PCI-DSS
Answers
Suggested answer: B

Question 398

Report
Export
Collapse

Which of the following would negatively impact a log analysis of a multinational organization?

A.
Centralized log management
A.
Centralized log management
Answers
B.
Encrypted log files in transit
B.
Encrypted log files in transit
Answers
C.
Each node set to local time
C.
Each node set to local time
Answers
D.
Log aggregation agent each node
D.
Log aggregation agent each node
Answers
Suggested answer: D

Explanation:

Topic 6, Misc. Questions

Question 399

Report
Export
Collapse

Which of the following statements below regarding Key Performance indicators (KPIs) are true?

A.
Development of KPI's are most useful when done independently
A.
Development of KPI's are most useful when done independently
Answers
B.
They are a strictly quantitative measure of success
B.
They are a strictly quantitative measure of success
Answers
C.
They should be standard throughout the organization versus domain-specific so they are more easily correlated
C.
They should be standard throughout the organization versus domain-specific so they are more easily correlated
Answers
D.
They are a strictly qualitative measure of success
D.
They are a strictly qualitative measure of success
Answers
Suggested answer: A

Explanation:

Reference: https://kpi.org/KPI-Basics/KPI-Development

Question 400

Report
Export
Collapse

When information security falls under the Chief Information Officer (CIO), what is their MOST essential role?

A.
Oversees the organization's day-to-day operations, creating the policies and strategies that govern operations
A.
Oversees the organization's day-to-day operations, creating the policies and strategies that govern operations
Answers
B.
Enlisting support from key executives the information security program budget and policies
B.
Enlisting support from key executives the information security program budget and policies
Answers
C.
Charged with developing and implementing policies designed to protect employees and customers' data from unauthorized access
C.
Charged with developing and implementing policies designed to protect employees and customers' data from unauthorized access
Answers
D.
Responsible for the success or failure of the IT organization and setting strategic direction
D.
Responsible for the success or failure of the IT organization and setting strategic direction
Answers
Suggested answer: D

Explanation:

Reference: https://www.investopedia.com/terms/c/cio.asp

Total 460 questions
Go to page: of 46
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms