ExamGecko
Login
Home / ECCouncil / 712-50 / List of questions
Ask Question

ECCouncil 712-50 Practice Test - Questions Answers, Page 9

Add to Whishlist

List of questions

Question 81

Report Export Collapse

When creating a vulnerability scan schedule, who is the MOST critical person to communicate with in order to ensure impact of the scan is minimized?

The asset owner
The asset owner
The asset manager
The asset manager
The data custodian
The data custodian
The project manager
The project manager
Suggested answer: A
asked 18/09/2024
Christophe Troessaert
42 questions

Question 82

Report Export Collapse

Which of the following functions MUST your Information Security Governance program include for formal organizational reporting?

Audit and Legal
Audit and Legal
Budget and Compliance
Budget and Compliance
Human Resources and Budget
Human Resources and Budget
Legal and Human Resources
Legal and Human Resources
Suggested answer: A
asked 18/09/2024
Manohar M
46 questions

Question 83

Report Export Collapse

Risk appetite directly affects what part of a vulnerability management program?

Staff
Staff
Scope
Scope
Schedule
Schedule
Scan tools
Scan tools
Suggested answer: B
asked 18/09/2024
Jonathan Moreno
33 questions

Question 84

Report Export Collapse

When choosing a risk mitigation method what is the MOST important factor?

Approval from the board of directors
Approval from the board of directors
Cost of the mitigation is less than the risk
Cost of the mitigation is less than the risk
Metrics of mitigation method success
Metrics of mitigation method success
Mitigation method complies with PCI regulations
Mitigation method complies with PCI regulations
Suggested answer: B
asked 18/09/2024
Leonelo Sanchez
34 questions

Question 85

Report Export Collapse

Payment Card Industry (PCI) compliance requirements are based on what criteria?

The types of cardholder data retained
The types of cardholder data retained
The duration card holder data is retained
The duration card holder data is retained
The size of the organization processing credit card data
The size of the organization processing credit card data
The number of transactions performed per year by an organization
The number of transactions performed per year by an organization
Suggested answer: D
asked 18/09/2024
Rehan Malik
54 questions

Question 86

Report Export Collapse

Which of the following provides an audit framework?

Control Objectives for IT (COBIT)
Control Objectives for IT (COBIT)
Payment Card Industry-Data Security Standard (PCI-DSS)
Payment Card Industry-Data Security Standard (PCI-DSS)
International Organization Standard (ISO) 27002
International Organization Standard (ISO) 27002
National Institute of Standards and Technology (NIST) SP 800-30
National Institute of Standards and Technology (NIST) SP 800-30
Suggested answer: A
asked 18/09/2024
Marian Mateev
42 questions

Question 87

Report Export Collapse

Which of the following is used to establish and maintain a framework to provide assurance that information security strategies are aligned with organizational objectives?

Awareness
Awareness
Compliance
Compliance
Governance
Governance
Management
Management
Suggested answer: C
asked 18/09/2024
Sivagami Narayanan
54 questions

Question 88

Report Export Collapse

Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?

Reduction of budget
Reduction of budget
Decreased security awareness
Decreased security awareness
Improper use of information resources
Improper use of information resources
Fines for regulatory non-compliance
Fines for regulatory non-compliance
Suggested answer: D
asked 18/09/2024
Jonathan Ang
40 questions

Question 89

Report Export Collapse

The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems addressing low, moderate, and high levels of concern for

Confidentiality, Integrity and Availability
Confidentiality, Integrity and Availability
Assurance, Compliance and Availability
Assurance, Compliance and Availability
International Compliance
International Compliance
Integrity and Availability
Integrity and Availability
Suggested answer: A
asked 18/09/2024
Wojciech Romaldowski
49 questions

Question 90

Report Export Collapse

When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it

In promiscuous mode and only detect malicious traffic.
In promiscuous mode and only detect malicious traffic.
In-line and turn on blocking mode to stop malicious traffic.
In-line and turn on blocking mode to stop malicious traffic.
In promiscuous mode and block malicious traffic.
In promiscuous mode and block malicious traffic.
In-line and turn on alert mode to stop malicious traffic.
In-line and turn on alert mode to stop malicious traffic.
Suggested answer: B
asked 18/09/2024
Kevin Lizano
38 questions
Total 460 questions
Go to page: of 46
Open VPLUS File
Convert VPLUS to PDF

Related questions

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the
Smith, the project manager for a larger multi-location firm, is leading a software project team that has 18 members, 5 of which are assigned to testing. Due to recent recommendations by an organizational quality audit team, the project manager is convinced to add a quality professional to lead to test team at additional cost to the project. The project manager is aware of the importance of communication for the success of the project and takes the step of introducing additional communication channels, making it more complex, in order to assure quality levels of the project. What will be the first project management document that Smith should change in order to accommodate additional communication channels?
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?
The executive board has requested that the CISO of an organization define and Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?
The alerting, monitoring, and lifecycle management of security-related events are typically managed by the:
A CISO must conduct risk assessments using a method where the Chief Financial Officer (CFO) receives impact data in financial terms to use as input to select the proper level of coverage in a new cybersecurity insurance policy. What is the MOST effective method of risk analysis to provide the CFO with the information required?
A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?