Home

Home / ECCouncil / 712-50

Question list

List of questions

Question 1

(0)

When briefing senior management on the creation of a governance process, the MOST important aspect should be:

Question 2

(0)

Which of the following most commonly falls within the scope of an information security governance steering committee?

Question 3

(0)

A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy.

Question 4

(0)

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models

Question 5

(0)

Credit card information, medical data, and government records are all examples of:

Question 6

(0)

The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:

Question 7

(0)

The single most important consideration to make when developing your security program, policies, and processes is:

Question 8

(0)

An organization's Information Security Policy is of MOST importance because

Question 9

(0)

Developing effective security controls is a balance between:

Question 10

(0)

The PRIMARY objective for information security program development should be:

Open VPLUS File

Convert VPLUS to PDF

Related questions

What is an approach to estimating the strengths and weaknesses of alternatives used to determine options, which provide the BEST approach to achieving benefits while preserving savings called?

The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?

When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?

As the CISO, you are the project sponsor for a highly visible log management project. The objective of the project is to centralize all the enterprise logs into a security information and event management (SIEM) system. You requested the results of the performance quality audits activity. The performance quality audit activity is done in what project management process group?

To make sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?

You have been hired as the Information System Security Officer (ISSO) for a US federal government agency. Your role is to ensure the security posture of the system is maintained. One of your tasks is to develop and maintain the system security plan (SSP) and supporting documentation. Which of the following is NOT documented in the SSP?

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

When managing the security architecture for your company you must consider:

A company wants to fill a Chief Information Security Officer position. Which of the following qualifications and experience would be MOST desirable in a candidate?

A Security Operations Manager is finding it difficult to maintain adequate staff levels to monitor security operations during off-hours. To reduce the impact of staff shortages and increase coverage during off-hours, the SecOps manager is considering outsourcing off-hour coverage. What Security Operations Center (SOC) model does this BEST describe?

Question 56 - 712-50 discussion

Report

A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

A.

Providing a risk program governance structure

B.

Ensuring developers include risk control comments in code

C.

Creating risk assessment templates based on specific threats

D.

Allowing for the acceptance of risk for regulatory compliance requirements

Show Answer

asked 18/09/2024

Vimal Varughese

42 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first