ExamGecko

ECCouncil 712-50 Practice Test - Questions Answers, Page 5

Why is it vitally important that senior management endorse a security policy?

A. So that they will accept ownership for security within the organization.
B. So that employees will follow the policy directives.
C. So that external bodies will recognize the organization's commitment to security.
D. So that they can be held legally accountable.
Suggested answer: A

When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

A. When there is a need to develop a more unified incident response capability.
B. When the enterprise is made up of many business units with diverse business activities, risk profiles and regulatory requirements.
C. When there is a variety of technologies deployed in the infrastructure.
D. When it results in an overall lower cost of operating the security program.
Suggested answer: B

What is the relationship between information protection and regulatory compliance?

A. That all information in an organization must be protected equally.
B. The information required to be protected by regulatory mandate does not have to be identified in the organization's data classification policy.
C. That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets is protected based on business need.
D. There is no relationship between the two.
Suggested answer: C

Regulatory requirements typically force organizations to implement

A. Mandatory controls
B. Discretionary controls
C. Optional controls
D. Financial controls
Suggested answer: A

When managing the security architecture for your company you must consider:

A. Security and IT Staff size
B. Company Values
C. Budget
D. All of the above
Suggested answer: D

If your organization operates under a model of "assumption of breach", you should:

A. Protect all information resource assets equally
B. Establish active firewall monitoring protocols
C. Purchase insurance for your compliance liability
D. Focus your security efforts on high value assets
Suggested answer: C

A method to transfer risk is to:

A. Implement redundancy
B. Move operations to another region
C. Purchase breach insurance
D. Alignment with business operations
Suggested answer: C

You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

A. Controlled mitigation effort
B. Risk impact comparison
C. Relative likelihood of event
D. Comparative threat analysis
Suggested answer: C

Ensuring that the actions of a set of people, applications and systems follow the organization's rules is BEST described as:

A. Risk management
B. Security management
C. Mitigation management
D. Compliance management
Suggested answer: D

A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?

A. Audit validation
B. Physical control testing
C. Compliance management
D. Security awareness training
Suggested answer: C
Total 460 questions