ExamGecko
Login
Home / ECCouncil / 712-50 / List of questions
Ask Question

ECCouncil 712-50 Practice Test - Questions Answers, Page 5

Add to Whishlist

List of questions

Question 41

Report Export Collapse

Why is it vitally important that senior management endorse a security policy?

So that they will accept ownership for security within the organization.
So that they will accept ownership for security within the organization.
So that employees will follow the policy directives.
So that employees will follow the policy directives.
So that external bodies will recognize the organizations commitment to security.
So that external bodies will recognize the organizations commitment to security.
So that they can be held legally accountable.
So that they can be held legally accountable.
Suggested answer: A
asked 18/09/2024
Rakesh Sharma
44 questions

Question 42

Report Export Collapse

When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

When there is a need to develop a more unified incident response capability.
When there is a need to develop a more unified incident response capability.
When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.
When the enterprise is made up of many business units with diverse business activities, risks profiles and regulatory requirements.
When there is a variety of technologies deployed in the infrastructure.
When there is a variety of technologies deployed in the infrastructure.
When it results in an overall lower cost of operating the security program.
When it results in an overall lower cost of operating the security program.
Suggested answer: B
asked 18/09/2024
Ranjan Gupta
40 questions

Question 43

Report Export Collapse

What is the relationship between information protection and regulatory compliance?

That all information in an organization must be protected equally.
That all information in an organization must be protected equally.
The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.
The information required to be protected by regulatory mandate does not have to be identified in the organizations data classification policy.
That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.
That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.
There is no relationship between the two.
There is no relationship between the two.
Suggested answer: C
asked 18/09/2024
Epitacio Neto
36 questions

Question 44

Report Export Collapse

Regulatory requirements typically force organizations to implement

Mandatory controls
Mandatory controls
Discretionary controls
Discretionary controls
Optional controls
Optional controls
Financial controls
Financial controls
Suggested answer: A
asked 18/09/2024
Shawn Sullivan
43 questions

Question 45

Report Export Collapse

When managing the security architecture for your company you must consider:

Security and IT Staff size
Security and IT Staff size
Company Values
Company Values
Budget
Budget
All of the above
All of the above
Suggested answer: D
asked 18/09/2024
Danilo Omaljev
39 questions

Question 46

Report Export Collapse

If your organization operates under a model of "assumption of breach", you should:

Protect all information resource assets equally
Protect all information resource assets equally
Establish active firewall monitoring protocols
Establish active firewall monitoring protocols
Purchase insurance for your compliance liability
Purchase insurance for your compliance liability
Focus your security efforts on high value assets
Focus your security efforts on high value assets
Suggested answer: C
asked 18/09/2024
Mustafa BeΓ…ΕΈparmak
40 questions

Question 47

Report Export Collapse

A method to transfer risk is to:

Implement redundancy
Implement redundancy
move operations to another region
move operations to another region
purchase breach insurance
purchase breach insurance
Alignment with business operations
Alignment with business operations
Suggested answer: C
asked 18/09/2024
Gaetano Vito Fraccalvieri
49 questions

Question 48

Report Export Collapse

You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

Controlled mitigation effort
Controlled mitigation effort
Risk impact comparison
Risk impact comparison
Relative likelihood of event
Relative likelihood of event
Comparative threat analysis
Comparative threat analysis
Suggested answer: C
asked 18/09/2024
Henrik Persson
41 questions

Question 49

Report Export Collapse

Ensuring that the actions of a set of people, applications and systems follow the organization's rules is BEST described as:

Risk management
Risk management
Security management
Security management
Mitigation management
Mitigation management
Compliance management
Compliance management
Suggested answer: D
asked 18/09/2024
David Gallegos
44 questions

Question 50

Report Export Collapse

A security manager regualrly checks work areas after buisness hours for security violations; such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?

Audit validation
Audit validation
Physical control testing
Physical control testing
Compliance management
Compliance management
Security awareness training
Security awareness training
Suggested answer: C
asked 18/09/2024
Ricardo Chapa
44 questions
Total 460 questions
Go to page: of 46
Open VPLUS File
Convert VPLUS to PDF

Related questions

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project. The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?
The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy. What is the MOST effective method of risk analysis to provide the CFO with the information required?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?