ExamGecko

ECCouncil 712-50 Practice Test - Questions Answers, Page 45

What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?

A. Business Impact Analysis
B. Economic Impact analysis
C. Return on Investment
D. Cost-benefit analysis

Suggested answer: D

Explanation:

Reference: https://artsandculture.google.com/entity/cost%E2%80%93benefitanalysis/m020w0x?hl=en

An organization has decided to develop an in-house BCM capability. The organization has determined it is best to follow a BCM standard published by the International Organization for Standardization (ISO).

The BEST ISO standard to follow that outlines the complete lifecycle of BCM is?

A. ISO 22318 Supply Chain Continuity
B. ISO 27031 BCM Readiness
C. ISO 22301 BCM Requirements
D. ISO 22317 BIA

Suggested answer: C

Explanation:

Reference: https://www.smartsheet.com/content/iso-22301-business-continuity-guide

From the CISO's perspective in looking at financial statements, the statement of retained earnings of an organization:

A. Has a direct correlation with the CISO's budget
B. Represents, in part, the savings generated by the proper acquisition and implementation of security controls
C. Represents the sum of all capital expenditures
D. Represents the percentage of earnings that could in part be used to finance future security controls

Suggested answer: D

Explanation:

Reference: https://www.investopedia.com/terms/s/statement-of-retained-earnings.asp

Devising controls for information security is a balance between?

A. Governance and compliance
B. Auditing and security
C. Budget and risk tolerance
D. Threats and vulnerabilities

Suggested answer: C

Explanation:

Reference: https://www.cybok.org/media/downloads/cybok_version_1.0.pdf

The Board of Directors of a publicly-traded company is concerned about the security implications of a strategic project that will migrate 50% of the organization's information technology assets to the cloud. They have requested a briefing on the project plan and a progress report of the security stream of the project. As the CISO, you have been tasked with preparing the report for the Chief Executive Officer to present.

Using Earned Value Management (EVM), what does a Cost Variance (CV) of -1,200 mean?

A. The project is over budget
B. The project budget has reserves
C. The project cost is in alignment with the budget
D. The project is under budget

Suggested answer: A

Explanation:

Reference: https://www.pmi.org/learning/library/earned-value-management-systems-analysis-8026#:~:text=The%20cost%20variance%20is%20defined,the%20project%20is%20on%20budget

What is the primary difference between regulations and standards?

A. Standards will include regulations
B. Standards that aren't followed are punishable by fines
C. Regulations are made enforceable by the power provided by laws
D. Regulations must be reviewed and approved by the business

Suggested answer: C

A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage.

What Security Operations Center (SOC) model does this BEST describe?

A. Virtual SOC
B. In-house SOC
C. Security Network Operations Center (SNOC)
D. Hybrid SOC

Suggested answer: A

Explanation:

Reference: https://www.techtarget.com/searchsecurity/tip/Benefits-of-virtual-SOCs-Enterprise-runvs-fully-managed

As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audit activity.

The performance quality audit activity is done in what project management process group?

A. Executing
B. Controlling
C. Planning
D. Closing

Suggested answer: A

Explanation:

Reference: https://blog.masterofproject.com/executing-process-group-projectmanagement/#:~:text=Executing%20Process%20Group%20Activity%20%2310,of%20the%20project%20are%20met

A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy.

What is the MOST effective method of risk analysis to provide the CFO with the information required?

A. Conduct a quantitative risk assessment
B. Conduct a hybrid risk assessment
C. Conduct a subjective risk assessment
D. Conduct a qualitative risk assessment

Suggested answer: D

Which of the following BEST mitigates ransomware threats?

A. Phishing exercises
B. Use immutable data storage
C. Blocking use of wireless networks
D. Application of multiple endpoint anti-malware solutions

Suggested answer: B
Total 460 questions