ExamGecko
Login
Home / ECCouncil / 712-50 / List of questions
Ask Question

ECCouncil 712-50 Practice Test - Questions Answers, Page 8

Add to Whishlist

List of questions

Question 71

Report Export Collapse

Who is responsible for securing networks during a security incident?

Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
Security Operations Center (SO
Security Operations Center (SO
Disaster Recovery (DR) manager
Disaster Recovery (DR) manager
Incident Response Team (IRT)
Incident Response Team (IRT)
Suggested answer: D
asked 18/09/2024
Leandro Ruwer
50 questions

Question 72

Report Export Collapse

Which of the following is a critical operational component of an Incident Response Program (IRP)?

Weekly program budget reviews to ensure the percentage of program funding remains constant.
Weekly program budget reviews to ensure the percentage of program funding remains constant.
Annual review of program charters, policies, procedures and organizational agreements.
Annual review of program charters, policies, procedures and organizational agreements.
Daily monitoring of vulnerability advisories relating to your organization's deployed technologies.
Daily monitoring of vulnerability advisories relating to your organization's deployed technologies.
Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization
Monthly program tests to ensure resource allocation is sufficient for supporting the needs of the organization
Suggested answer: C
asked 18/09/2024
Maria Deras
46 questions

Question 73

Report Export Collapse

What is the first thing that needs to be completed in order to create a security program for your organization?

Risk assessment
Risk assessment
Security program budget
Security program budget
Business continuity plan
Business continuity plan
Compliance and regulatory analysis
Compliance and regulatory analysis
Suggested answer: A
asked 18/09/2024
Nuno Silva
40 questions

Question 74

Report Export Collapse

What is the main purpose of the Incident Response Team?

Ensure efficient recovery and reinstate repaired systems
Ensure efficient recovery and reinstate repaired systems
Create effective policies detailing program activities
Create effective policies detailing program activities
Communicate details of information security incidents
Communicate details of information security incidents
Provide current employee awareness programs
Provide current employee awareness programs
Suggested answer: A
asked 18/09/2024
Luigi Trigilio
47 questions

Question 75

Report Export Collapse

Which of the following is a weakness of an asset or group of assets that can be exploited by one or more threats?

Threat
Threat
Vulnerability
Vulnerability
Attack vector
Attack vector
Exploitation
Exploitation
Suggested answer: B
asked 18/09/2024
Ismaiel Al-Mufleh
50 questions

Question 76

Report Export Collapse

Within an organization's vulnerability management program, who has the responsibility to implement remediation actions?

Security officer
Security officer
Data owner
Data owner
Vulnerability engineer
Vulnerability engineer
System administrator
System administrator
Suggested answer: D
asked 18/09/2024
Bart Hakstege
46 questions

Question 77

Report Export Collapse

The Information Security Management program MUST protect:

all organizational assets
all organizational assets
critical business processes and /or revenue streams
critical business processes and /or revenue streams
intellectual property released into the public domain
intellectual property released into the public domain
against distributed denial of service attacks
against distributed denial of service attacks
Suggested answer: B
asked 18/09/2024
Robert Fox
56 questions

Question 78

Report Export Collapse

What is the MAIN reason for conflicts between Information Technology and Information Security programs?

Technology governance defines technology policies and standards while security governance does not.
Technology governance defines technology policies and standards while security governance does not.
Security governance defines technology best practices and Information Technology governance does not.
Security governance defines technology best practices and Information Technology governance does not.
Technology Governance is focused on process risks whereas Security Governance is focused on business risk.
Technology Governance is focused on process risks whereas Security Governance is focused on business risk.
The effective implementation of security controls can be viewed as an inhibitor to rapid Information Technology implementations.
The effective implementation of security controls can be viewed as an inhibitor to rapid Information Technology implementations.
Suggested answer: D
asked 18/09/2024
Aiko Abrassart
38 questions

Question 79

Report Export Collapse

The Information Security Governance program MUST:

integrate with other organizational governance processes
integrate with other organizational governance processes
support user choice for Bring Your Own Device (BYOD)
support user choice for Bring Your Own Device (BYOD)
integrate with other organizational governance processes
integrate with other organizational governance processes
show a return on investment for the organization
show a return on investment for the organization
Suggested answer: A
asked 18/09/2024
Luis Hernaiz
45 questions

Question 80

Report Export Collapse

A security officer wants to implement a vulnerability scanning program. The officer is uncertain of the state of vulnerability resiliency within the organization's large IT infrastructure. What would be the BEST approach to minimize scan data output while retaining a realistic view of system vulnerability?

Scan a representative sample of systems
Scan a representative sample of systems
Perform the scans only during off-business hours
Perform the scans only during off-business hours
Decrease the vulnerabilities within the scan tool settings
Decrease the vulnerabilities within the scan tool settings
Filter the scan output so only pertinent data is analyzed
Filter the scan output so only pertinent data is analyzed
Suggested answer: A
asked 18/09/2024
Louis Perriot
48 questions
Total 460 questions
Go to page: of 46
Open VPLUS File
Convert VPLUS to PDF

Related questions

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project. The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?
The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy. What is the MOST effective method of risk analysis to provide the CFO with the information required?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?