Sample Ec Council.2passeasy.712 50.vce - Dumps.2024 Jun 02.by - Ellis.358q.vce


100% Valid and Newest Version 712-50 Questions & Answers shared by Certleader

https://www.certleader.com/712-50-dumps.html (343 Q&As)

712-50 Dumps

EC-Council Certified CISO (CCISO)

https://www.certleader.com/712-50-dumps.html

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 1
- (Topic 1)
Credit card information, medical data, and government records are all examples of:

A. Confidential/Protected Information
B. Bodily Information
C. Territorial Information
D. Communications Information

Answer: A

NEW QUESTION 2
- (Topic 1)
A global retail company is creating a new compliance management process. Which of the following regulations is of MOST importance to be tracked and managed by this process?

A. Information Technology Infrastructure Library (ITIL)
B. International Organization for Standardization (ISO) standards
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. National Institute of Standards and Technology (NIST) standard

Answer: C

NEW QUESTION 3
- (Topic 1)
According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

A. Susceptibility to attack, mitigation response time, and cost
B. Attack vectors, controls cost, and investigation staffing needs
C. Vulnerability exploitation, attack recovery, and mean time to repair
D. Susceptibility to attack, expected duration of attack, and mitigation availability

Answer: A

NEW QUESTION 4
- (Topic 1)
The establishment of a formal risk management framework and system authorization program is essential. The LAST step of the system authorization process is:

A. Contacting the Internet Service Provider for an IP scope
B. Getting authority to operate the system from executive management
C. Changing the default passwords
D. Conducting a final scan of the live system and mitigating all high and medium level vulnerabilities

Answer: B

NEW QUESTION 5
- (Topic 1)
A business unit within your organization intends to deploy a new technology in a manner that places it in violation of existing information security standards. What immediate action should the information security manager take?

A. Enforce the existing security standards and do not allow the deployment of the new technology.
B. Amend the standard to permit the deployment.
C. If the risks associated with that technology are not already identified, perform a risk analysis to quantify the risk, and allow the business unit to proceed based on the identified risk level.
D. Permit a 90-day window to see if an issue occurs and then amend the standard if there are no issues.

Answer: C

NEW QUESTION 6
- (Topic 1)
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

A. Data breach disclosure
B. Consumer right disclosure
C. Security incident disclosure
D. Special circumstance disclosure

Answer: A

NEW QUESTION 7
- (Topic 1)
When dealing with a risk management process, asset classification is important because it will impact the overall:

A. Threat identification
B. Risk monitoring
C. Risk treatment
D. Risk tolerance

Answer: C

NEW QUESTION 8
- (Topic 1)
If your organization operates under a model of "assumption of breach", you should:

A. Protect all information resource assets equally
B. Establish active firewall monitoring protocols
C. Purchase insurance for your compliance liability
D. Focus your security efforts on high value assets

Answer: C

NEW QUESTION 9
- (Topic 1)
Information security policies should be reviewed:

A. by stakeholders at least annually
B. by the CISO when new systems are brought online
C. by the Incident Response team after an audit
D. by internal audit semiannually

Answer: A

NEW QUESTION 10
- (Topic 1)
Payment Card Industry (PCI) compliance requirements are based on what criteria?

A. The types of cardholder data retained
B. The duration card holder data is retained
C. The size of the organization processing credit card data
D. The number of transactions performed per year by an organization

Answer: D

NEW QUESTION 10
- (Topic 1)
What role should the CISO play in properly scoping a PCI environment?

A. Validate the business units’ suggestions as to what should be included in the scoping process
B. Work with a Qualified Security Assessor (QSA) to determine the scope of the PCI environment
C. Ensure internal scope validation is completed and that an assessment has been done to discover all credit card data
D. Complete the self-assessment questionnaire and work with an Approved Scanning Vendor (ASV) to determine scope

Answer: C

NEW QUESTION 15
- (Topic 1)
You have a system with 2 identified risks. You determine the probability of one risk occurring is higher than the

A. Controlled mitigation effort
B. Risk impact comparison
C. Relative likelihood of event
D. Comparative threat analysis

Answer: C

NEW QUESTION 16
- (Topic 1)
What two methods are used to assess risk impact?

A. Cost and annual rate of expectance
B. Subjective and Objective
C. Qualitative and percent of loss realized
D. Quantitative and qualitative

Answer: D

NEW QUESTION 17
- (Topic 1)
When would it be more desirable to develop a set of decentralized security policies and procedures within an enterprise environment?

A. When there is a need to develop a more unified incident response capability.
B. When the enterprise is made up of many business units with diverse business activities, risk profiles and regulatory requirements.
C. When there is a variety of technologies deployed in the infrastructure.
D. When it results in an overall lower cost of operating the security program.

Answer: B

NEW QUESTION 21
- (Topic 1)
Which of the following is the MOST important benefit of an effective security governance process?

A. Reduction of liability and overall risk to the organization
B. Better vendor management
C. Reduction of security breaches
D. Senior management participation in the incident response process

Answer: A

NEW QUESTION 23
- (Topic 1)
Which of the following is the MOST important for a CISO to understand when identifying threats?

A. How vulnerabilities can potentially be exploited in systems that impact the organization
B. How the security operations team will behave to reported incidents
C. How the firewall and other security devices are configured to prevent attacks
D. How the incident management team prepares to handle an attack

Answer: A

NEW QUESTION 25
- (Topic 1)
The Information Security Governance program MUST:

A. integrate with other organizational governance processes
B. support user choice for Bring Your Own Device (BYOD)
C. integrate with other organizational governance processes
D. show a return on investment for the organization

Answer: A

NEW QUESTION 27
- (Topic 1)
A method to transfer risk is to:

A. Implement redundancy
B. move operations to another region
C. purchase breach insurance
D. Alignment with business operations

Answer: C

NEW QUESTION 30
- (Topic 1)
What should an organization do to ensure that they have a sound Business Continuity (BC) Plan?

A. Test every three years to ensure that things work as planned
B. Conduct periodic tabletop exercises to refine the BC plan
C. Outsource the creation and execution of the BC plan to a third party vendor
D. Conduct a Disaster Recovery (DR) exercise every year to test the plan

Answer: B

NEW QUESTION 32
- (Topic 1)
When choosing a risk mitigation method what is the MOST important factor?

A. Approval from the board of directors
B. Cost of the mitigation is less than the risk
C. Metrics of mitigation method success
D. Mitigation method complies with PCI regulations

Answer: B

NEW QUESTION 35
- (Topic 1)
Risk appetite directly affects what part of a vulnerability management program?

A. Staff
B. Scope
C. Schedule
D. Scan tools

Answer: B

NEW QUESTION 40
- (Topic 1)
After a risk assessment is performed, a particular risk is considered to have the potential of costing the organization 1.2 Million USD. This is an example of

A. Risk Tolerance
B. Qualitative risk analysis
C. Risk Appetite
D. Quantitative risk analysis

Answer: D

NEW QUESTION 45
- (Topic 1)
The purpose of NIST SP 800-53 as part of the NIST System Certification and Accreditation Project is to establish a set of standardized, minimum security controls for IT systems addressing low, moderate, and high levels of concern for

A. Confidentiality, Integrity and Availability
B. Assurance, Compliance and Availability
C. International Compliance
D. Integrity and Availability

Answer: A

NEW QUESTION 47
- (Topic 1)
A company wants to fill a Chief Information Security Officer position in the organization. They need to define and implement a more holistic security program.
Which of the following qualifications and experience would be MOST desirable to find in a candidate?

A. Multiple certifications, strong technical capabilities and lengthy resume
B. Industry certifications, technical knowledge and program management skills
C. College degree, audit capabilities and complex project management
D. Multiple references, strong background check and industry certifications

Answer: B

NEW QUESTION 49
- (Topic 1)
An organization's Information Security Policy is of MOST importance because

A. it communicates management’s commitment to protecting information resources
B. it is formally acknowledged by all employees and vendors
C. it defines a process to meet compliance requirements
D. it establishes a framework to protect confidential information

Answer: A

NEW QUESTION 53
- (Topic 1)
Which of the following should be determined while defining risk management strategies?

A. Organizational objectives and risk tolerance
B. Risk assessment criteria
C. IT architecture complexity
D. Enterprise disaster recovery plans

Answer: A

NEW QUESTION 54
- (Topic 1)
Which of the following is a MAJOR consideration when an organization retains sensitive customer data and uses this data to better target the organization’s products and services?

A. Strong authentication technologies
B. Financial reporting regulations
C. Credit card compliance and regulations
D. Local privacy laws

Answer: D

NEW QUESTION 55
- (Topic 1)
Which of the following is MOST important when dealing with an Information Security Steering committee:

A. Include a mix of members from different departments and staff levels.
B. Ensure that security policies and procedures have been vetted and approved.
C. Review all past audit and compliance reports.
D. Be briefed about new trends and products at each meeting by a vendor.

Answer: C

NEW QUESTION 57
- (Topic 1)
Developing effective security controls is a balance between:

A. Risk Management and Operations
B. Corporate Culture and Job Expectations
C. Operations and Regulations
D. Technology and Vendor Management

Answer: A

NEW QUESTION 58
- (Topic 1)
The alerting, monitoring and life-cycle management of security related events is typically handled by the

A. security threat and vulnerability management process
B. risk assessment process
C. risk management process
D. governance, risk, and compliance tools

Answer: A

NEW QUESTION 63
- (Topic 1)
When an organization claims it is secure because it is PCI-DSS certified, what is a good first question to ask towards assessing the effectiveness of their security program?

A. How many credit card records are stored?
B. How many servers do you have?
C. What is the scope of the certification?
D. What is the value of the assets at risk?

Answer: C

NEW QUESTION 67
- (Topic 1)
According to ISO 27001, of the steps for establishing an Information Security Governance program listed below, which comes first?

A. Identify threats, risks, impacts and vulnerabilities
B. Decide how to manage risk
C. Define the budget of the Information Security Management System
D. Define Information Security Policy

Answer: D

NEW QUESTION 72
- (Topic 1)
What is the MAIN reason for conflicts between Information Technology and Information Security programs?

A. Technology governance defines technology policies and standards while security governance does not.
B. Security governance defines technology best practices and Information Technology governance does not.
C. Technology Governance is focused on process risks whereas Security Governance is focused on business risk.
D. The effective implementation of security controls can be viewed as an inhibitor to rapid Information Technology implementations.

Answer: D

NEW QUESTION 76
- (Topic 1)
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization’s need?

A. International Organization for Standardization – 22301 (ISO-22301)
B. Information Technology Infrastructure Library (ITIL)
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. International Organization for Standardization – 27005 (ISO-27005)

Answer: A

NEW QUESTION 80
- (Topic 1)
When dealing with Security Incident Response procedures, which of the following steps come FIRST when reacting to an incident?

A. Escalation
B. Recovery
C. Eradication
D. Containment

Answer: D

NEW QUESTION 81
- (Topic 1)
A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?

A. Audit validation
B. Physical control testing
C. Compliance management
D. Security awareness training

Answer: C

NEW QUESTION 83
- (Topic 1)
When deploying an Intrusion Prevention System (IPS) the BEST way to get maximum protection from the system is to deploy it

A. In promiscuous mode and only detect malicious traffic.
B. In-line and turn on blocking mode to stop malicious traffic.
C. In promiscuous mode and block malicious traffic.
D. In-line and turn on alert mode to stop malicious traffic.

Answer: B

NEW QUESTION 88
- (Topic 1)
Which of the following represents the HIGHEST negative impact resulting from an ineffective security governance program?

A. Reduction of budget
B. Decreased security awareness
C. Improper use of information resources
D. Fines for regulatory non-compliance

Answer: D

NEW QUESTION 90
- (Topic 1)
Risk that remains after risk mitigation is known as

A. Persistent risk
B. Residual risk
C. Accepted risk
D. Non-tolerated risk

Answer: B

NEW QUESTION 95
- (Topic 1)
A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy, however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?

A. Lack of a formal security awareness program
B. Lack of a formal security policy governance process
C. Lack of formal definition of roles and responsibilities
D. Lack of a formal risk management policy

Answer: B

NEW QUESTION 100
- (Topic 2)
An organization is required to implement background checks on all employees with access to databases containing credit card information. This is considered a security

A. Procedural control
B. Management control
C. Technical control
D. Administrative control

Answer: B

NEW QUESTION 105
- (Topic 2)
A Chief Information Security Officer received a list of high, medium, and low impact audit findings. Which of the following represents the BEST course of action?

A. If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.
B. If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.
C. If the findings impact regulatory compliance, remediate the high findings as quickly as possible.
D. If the findings do not impact regulatory compliance, review current security controls.

Answer: C

NEW QUESTION 106
- (Topic 2)
The regular review of a firewall ruleset is considered a

A. Procedural control
B. Organization control
C. Technical control
D. Management control

Answer: A

NEW QUESTION 110
- (Topic 2)
Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

A. Application logs
B. File integrity monitoring
C. SNMP traps
D. Syslog

Answer: B

NEW QUESTION 114
- (Topic 2)
Which of the following activities is the MAIN purpose of the risk assessment process?

A. Creating an inventory of information assets
B. Classifying and organizing information assets into meaningful groups
C. Assigning value to each information asset
D. Calculating the risks to which assets are exposed in their current setting

Answer: D

NEW QUESTION 115
- (Topic 2)
You have implemented the new controls. What is the next step?

A. Document the process for the stakeholders
B. Monitor the effectiveness of the controls
C. Update the audit findings report
D. Perform a risk assessment

Answer: B

NEW QUESTION 117
- (Topic 2)
A missing/ineffective security control is identified. Which of the following should be the NEXT step?

A. Perform an audit to measure the control formally
B. Escalate the issue to the IT organization
C. Perform a risk assessment to measure risk
D. Establish Key Risk Indicators

Answer: C

NEW QUESTION 121
- (Topic 2)
Creating a secondary authentication process for network access would be an example of?

A. Nonlinearities in physical security performance metrics
B. Defense in depth cost enumerated costs
C. System hardening and patching requirements
D. Anti-virus for mobile devices

Answer: A

NEW QUESTION 123
- (Topic 2)
Which of the following is the PRIMARY purpose of International Organization for Standardization (ISO) 27001?

A. Use within an organization to formulate security requirements and objectives
B. Implementation of business-enabling information security
C. Use within an organization to ensure compliance with laws and regulations
D. To enable organizations that adopt it to obtain certifications

Answer: B

NEW QUESTION 126
- (Topic 2)
IT control objectives are useful to IT auditors as they provide the basis for understanding the:

A. Desired results or purpose of implementing specific control procedures.
B. The audit control checklist.
C. Techniques for securing information.
D. Security policy

Answer: A

NEW QUESTION 130
- (Topic 2)
You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two factor authentication token management process. Which of the following represents your BEST course of action?

A. Validate that security awareness program content includes information about the potential vulnerability
B. Conduct a thorough risk assessment against the current implementation to determine system functions
C. Determine program ownership to implement compensating controls
D. Send a report to executive peers and business unit owners detailing your suspicions

Answer: B

NEW QUESTION 131
- (Topic 2)
Which of the following set of processes is considered to be one of the cornerstone cycles of the International Organization for Standardization (ISO) 27001 standard?

A. Plan-Check-Do-Act
B. Plan-Do-Check-Act
C. Plan-Select-Implement-Evaluate
D. SCORE (Security Consensus Operational Readiness Evaluation)

Answer: B

NEW QUESTION 134
- (Topic 2)
The executive board has requested that the CISO of an organization define Key Performance Indicators (KPI) to measure the effectiveness of the security awareness program provided to call center employees. Which of the following can be used as a KPI?

A. Number of callers who report security issues.
B. Number of callers who report a lack of customer service from the call center
C. Number of successful social engineering attempts on the call center
D. Number of callers who abandon the call before speaking with a representative

Answer: C

NEW QUESTION 135
- (Topic 2)
In MOST organizations which group periodically reviews network intrusion detection system logs for all systems as part of their daily tasks?

A. Internal Audit
B. Database Administration
C. Information Security
D. Compliance

Answer: C

NEW QUESTION 137
- (Topic 2)
Which of the following represents the BEST reason for an organization to use the Control Objectives for Information and Related Technology (COBIT) as an Information Technology (IT) framework?

A. It allows executives to more effectively monitor IT implementation costs
B. Implementation of it eases an organization’s auditing and compliance burden
C. Information Security (IS) procedures often require augmentation with other standards
D. It provides for a consistent and repeatable staffing model for technology organizations

Answer: B

NEW QUESTION 138
- (Topic 2)
Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?

A. All vulnerabilities found on servers and desktops
B. Only critical and high vulnerabilities on servers and desktops
C. Only critical and high vulnerabilities that impact important production servers
D. All vulnerabilities that impact important production servers

Answer: C

NEW QUESTION 140
- (Topic 2)
Which of the following activities results in change requests?

A. Preventive actions
B. Inspection
C. Defect repair
D. Corrective actions

Answer: A

NEW QUESTION 144
- (Topic 2)
Providing oversight of a comprehensive information security program for the entire organization is the primary responsibility of which group under the InfoSec governance framework?

A. Senior Executives
B. Office of the Auditor
C. Office of the General Counsel
D. All employees and users

Answer: A

NEW QUESTION 145
- (Topic 2)
An audit was conducted and many critical applications were found to have no disaster recovery plans in place. You conduct a Business Impact Analysis (BIA) to determine impact to the company for each application. What should be the NEXT step?

A. Determine the annual loss expectancy (ALE)
B. Create a crisis management plan
C. Create technology recovery plans
D. Build a secondary hot site

Answer: C

NEW QUESTION 149
- (Topic 2)
Creating a secondary authentication process for network access would be an example of?

A. An administrator with too much time on their hands.
B. Putting undue time commitment on the system administrator.
C. Supporting the concept of layered security
D. Network segmentation.

Answer: C

NEW QUESTION 154
- (Topic 2)
Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?

A. International Organization for Standardization 27001
B. National Institute of Standards and Technology Special Publication SP 800-12
C. Request For Comment 2196
D. National Institute of Standards and Technology Special Publication SP 800-26

Answer: A

NEW QUESTION 157
- (Topic 2)
The risk found after a control has been fully implemented is called:

A. Residual Risk
B. Total Risk
C. Post implementation risk
D. Transferred risk

Answer: A

NEW QUESTION 161
- (Topic 2)
Step-by-step procedures to regain normalcy in the event of a major earthquake is PRIMARILY covered by which of the following plans?

A. Incident response plan
B. Business Continuity plan
C. Disaster recovery plan
D. Damage control plan

Answer: C

NEW QUESTION 162
- (Topic 2)
Which of the following best represents a calculation for Annual Loss Expectancy (ALE)?

A. Single loss expectancy multiplied by the annual rate of occurrence
B. Total loss expectancy multiplied by the total loss frequency
C. Value of the asset multiplied by the loss expectancy
D. Replacement cost multiplied by the single loss expectancy

Answer: A

NEW QUESTION 165
- (Topic 2)
To have accurate and effective information security policies how often should the CISO review the organization policies?

A. Every 6 months
B. Quarterly
C. Before an audit
D. At least once a year

Answer: D

NEW QUESTION 168
- (Topic 2)
Which of the following is a fundamental component of an audit record?

A. Date and time of the event
B. Failure of the event
C. Originating IP-Address
D. Authentication type

Answer: A

NEW QUESTION 170
- (Topic 2)
The patching and monitoring of systems on a consistent schedule is required by?

A. Local privacy laws
B. Industry best practices
C. Risk Management frameworks
D. Audit best practices

Answer: C

NEW QUESTION 173
- (Topic 2)
The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to

A. assign the responsibility to the information security team.
B. assign the responsibility to the team responsible for the management of the controls.
C. create operational reports on the effectiveness of the controls.
D. perform an independent audit of the security controls.

Answer: D

NEW QUESTION 176
- (Topic 2)
The mean time to patch, number of virus outbreaks prevented, and number of vulnerabilities mitigated are examples of what type of performance metrics?

A. Risk metrics
B. Management metrics
C. Operational metrics
D. Compliance metrics

Answer: C

NEW QUESTION 178
- (Topic 3)
Your company has a “no right to privacy” notice on all logon screens for your information systems and users sign an Acceptable Use Policy informing them of this condition. A peer group member and friend comes to you and requests access to one of her employee’s email account. What should you do? (choose the BEST answer):

A. Grant her access, the employee has been adequately warned through the AUP.
B. Assist her with the request, but only after her supervisor signs off on the action.
C. Reset the employee’s password and give it to the supervisor.
D. Deny the request citing national privacy laws.

Answer: B

NEW QUESTION 182
- (Topic 3)
Which of the following information may be found in table top exercises for incident response?

A. Security budget augmentation
B. Process improvements
C. Real-time to remediate
D. Security control selection

Answer: B

NEW QUESTION 184
- (Topic 3)
Which of the following methods are used to define contractual obligations that force a vendor to meet customer expectations?

A. Terms and Conditions
B. Service Level Agreements (SLA)
C. Statement of Work
D. Key Performance Indicators (KPI)

Answer: B

NEW QUESTION 189
- (Topic 3)
When gathering security requirements for an automated business process improvement program, which of the following is MOST important?

A. Type of data contained in the process/system
B. Type of connection/protocol used to transfer the data
C. Type of encryption required for the data once it is at rest
D. Type of computer the data is processed on

Answer: A

NEW QUESTION 191
- (Topic 3)
Your incident response plan should include which of the following?

A. Procedures for litigation
B. Procedures for reclamation
C. Procedures for classification
D. Procedures for charge-back

Answer: C

NEW QUESTION 194
- (Topic 3)
A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?

A. Poor audit support for the security program
B. A lack of executive presence within the security program
C. Poor alignment of the security program to business needs
D. This is normal since business units typically resist security requirements

Answer: C

NEW QUESTION 196
- (Topic 3)
An organization has a stated requirement to block certain traffic on networks. The implementation of controls will disrupt a manufacturing process and cause unacceptable delays, resulting in severe revenue disruptions. Which of the following is MOST likely to be responsible for accepting the risk until mitigating controls can be implemented?

A. The CISO
B. Audit and Compliance
C. The CFO
D. The business owner

Answer: D

NEW QUESTION 198
- (Topic 3)
A department within your company has proposed a third party vendor solution to address an urgent, critical business need. As the CISO you have been asked to accelerate screening of their security control claims. Which of the following vendor provided documents is BEST to make your decision:

A. Vendor’s client list of reputable organizations currently using their solution
B. Vendor provided attestation of the detailed security controls from a reputable accounting firm
C. Vendor provided reference from an existing reputable client detailing their implementation
D. Vendor provided internal risk assessment and security control documentation

Answer: B

NEW QUESTION 201
- (Topic 3)
Which one of the following BEST describes which member of the management team is accountable for the day-to-day operation of the information security program?

A. Security administrators
B. Security managers
C. Security technicians
D. Security analysts

Answer: B

NEW QUESTION 203
- (Topic 3)
The ultimate goal of IT security projects is:

A. Increase stock value
B. Complete security
C. Support business requirements
D. Implement information security policies

Answer: C

NEW QUESTION 207
- (Topic 3)
In an effort to save your company money, which of the following methods of training results in the lowest cost for the organization?

A. Distance learning/Web seminars
B. Formal Class
C. One-on-One Training
D. Self-Study (non-computerized)

Answer: D

NEW QUESTION 211
- (Topic 3)
When managing the critical path of an IT security project, which of the following is MOST important?

A. Knowing who all the stakeholders are.
B. Knowing the people on the data center team.
C. Knowing the threats to the organization.
D. Knowing the milestones and timelines of deliverables.

Answer: D

NEW QUESTION 212
- (Topic 3)
You currently cannot provide for 24/7 coverage of your security monitoring and incident response duties and your company is resistant to the idea of adding more full-time employees to the payroll. Which combination of solutions would help to provide the coverage needed without the addition of more dedicated staff? (choose the best answer):

A. Deploy a SIEM solution and have current staff review incidents first thing in the morning
B. Contract with a managed security provider and have current staff on recall for incident response
C. Configure your syslog to send SMS messages to current staff when target events are triggered
D. Employ an assumption of breach protocol and defend only essential information resources

Answer: B

NEW QUESTION 214
- (Topic 3)
Which of the following are not stakeholders of IT security projects?

A. Board of directors
B. Third party vendors
C. CISO
D. Help Desk

Answer: B

NEW QUESTION 217
- (Topic 3)
Information Security is often considered an excessive, after-the-fact cost when a project or initiative is completed. What can be done to ensure that security is addressed cost effectively?

A. User awareness training for all employees
B. Installation of new firewalls and intrusion detection systems
C. Launch an internal awareness campaign
D. Integrate security requirements into project inception

Answer: D

NEW QUESTION 221
- (Topic 3)
The company decides to release the application without remediating the high-risk vulnerabilities. Which of the following is the MOST likely reason for the company to release the application?

A. The company lacks a risk management process
B. The company does not believe the security vulnerabilities to be real
C. The company has a high risk tolerance
D. The company lacks the tools to perform a vulnerability assessment

Answer: C

NEW QUESTION 222
- (Topic 3)
Which of the following is considered a project versus a managed process?

A. monitoring external and internal environment during incident response
B. ongoing risk assessments of routine operations
C. continuous vulnerability assessment and vulnerability repair
D. installation of a new firewall system

Answer: D

NEW QUESTION 224
- (Topic 3)
Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

A. Risk Assessment
B. Incident Response
C. Risk Management
D. Network Security administration

Answer: C

NEW QUESTION 226
- (Topic 3)
Which of the following is the BEST indicator of a successful project?

A. it is completed on time or early as compared to the baseline project plan
B. it meets most of the specifications as outlined in the approved project definition
C. it comes in at or below the expenditures planned for in the baseline budget
D. the deliverables are accepted by the key stakeholders

Answer: D

NEW QUESTION 230
- (Topic 3)
Risk appetite is typically determined by which of the following organizational functions?

A. Security
B. Business units
C. Board of Directors
D. Audit and compliance

Answer: B

NEW QUESTION 234
- (Topic 3)
Which of the following is a major benefit of applying risk levels?

A. Risk management governance becomes easier since most risks remain low once mitigated
B. Resources are not wasted on risks that are already managed to an acceptable level
C. Risk budgets are more easily managed due to fewer identified risks as a result of using a methodology
D. Risk appetite can increase within the organization once the levels are understood

Answer: B

NEW QUESTION 235
- (Topic 3)
The Security Operations Center (SOC) just purchased a new intrusion prevention system (IPS) that needs to be deployed in-line for best defense. The IT group is concerned about putting the new IPS in-line because it might negatively impact network availability. What would be the BEST approach for the CISO to reassure the IT group?

A. Work with the IT group and tell them to put IPS in-line and say it won’t cause any network impact
B. Explain to the IT group that the IPS won’t cause any network impact because it will fail open
C. Explain to the IT group that this is a business need and the IPS will fail open however, if there is a network failure the CISO will accept responsibility
D. Explain to the IT group that the IPS will fail open once in-line however it will be deployed in monitor mode for a set period of time to ensure that it doesn’t block any legitimate traffic

Answer: D

NEW QUESTION 238
- (Topic 3)
Which of the following represents the BEST method of ensuring security program alignment to business needs?

A. Create a comprehensive security awareness program and provide success metrics to business units
B. Create security consortiums, such as strategic security planning groups, that include business unit participation
C. Ensure security implementations include business unit testing and functional validation prior to production rollout
D. Ensure the organization has strong executive-level security representation through clear sponsorship or the creation of a CISO role

Answer: B

NEW QUESTION 240
- (Topic 3)
An application vulnerability assessment has identified a security flaw in an application. This is a flaw that was previously identified and remediated on a prior release of the application. Which of the following is MOST likely the reason for this recurring issue?

A. Ineffective configuration management controls
B. Lack of change management controls
C. Lack of version/source controls
D. High turnover in the application development department

Answer: C

NEW QUESTION 241
- (Topic 3)
Which of the following is MOST beneficial in determining an appropriate balance between uncontrolled innovation and excessive caution in an organization?

A. Define the risk appetite
B. Determine budget constraints
C. Review project charters
D. Collaborate security projects

Answer: A

NEW QUESTION 245
- (Topic 3)
Which of the following can the company implement in order to avoid this type of security issue in the future?

A. Network based intrusion detection systems
B. A security training program for developers
C. A risk management process
D. An audit management process

Answer: B

NEW QUESTION 249
- (Topic 3)
What oversight should the information security team have in the change management process for application security?

A. Information security should be informed of changes to applications only
B. Development team should tell the information security team about any application security flaws
C. Information security should be aware of any significant application security changes and work with developers to test for vulnerabilities before changes are deployed in production
D. Information security should be aware of all application changes and work with developers before changes are deployed in production

Answer: C

NEW QUESTION 253
- (Topic 3)
When should IT security project management be outsourced?

A. When organizational resources are limited
B. When the benefits of outsourcing outweigh the inherent risks of outsourcing
C. On new, enterprise-wide security initiatives
D. On projects not forecasted in the yearly budget

Answer: B

NEW QUESTION 254
- (Topic 3)
A newly appointed security officer finds data leakage software licenses that had never been used. The officer decides to implement a project to ensure it gets
installed, but the project gets a great deal of resistance across the organization. Which of the following represents the MOST likely reason for this situation?

A. The software license expiration is probably out of synchronization with other software licenses
B. The project was initiated without an effort to get support from impacted business units in the organization
C. The software is out of date and does not provide for a scalable solution across the enterprise
D. The security officer should allow time for the organization to get accustomed to her presence before initiating security projects

Answer: B

NEW QUESTION 256
- (Topic 3)
A system was hardened at the Operating System level and placed into the production environment. Months later an audit was performed and it identified an insecure configuration that differed from the original hardened state. Which of the following security issues is the MOST likely reason leading to the audit findings?

A. Lack of asset management processes
B. Lack of change management processes
C. Lack of hardening standards
D. Lack of proper access controls

Answer: B

NEW QUESTION 261
- (Topic 3)
Which of the following will be MOST helpful for getting an Information Security project that is behind schedule back on schedule?

A. Upper management support
B. More frequent project milestone meetings
C. More training of staff members
D. Involve internal audit

Answer: A

NEW QUESTION 262
- (Topic 3)
Which of the following is the MOST important component of any change management process?

A. Scheduling
B. Back-out procedures
C. Outage planning
D. Management approval

Answer: D

NEW QUESTION 263
- (Topic 3)
How often should the SSAE16 report of your vendors be reviewed?

A. Quarterly
B. Semi-annually
C. Annually
D. Bi-annually

Answer: C

NEW QUESTION 265
- (Topic 3)
An example of professional unethical behavior is:

A. Gaining access to an affiliated employee’s work email account as part of an officially sanctioned internal investigation
B. Sharing copyrighted material with other members of a professional organization where all members have legitimate access to the material
C. Copying documents from an employer’s server which you assert that you have an intellectual property claim to possess, but the company disputes
D. Storing client lists and other sensitive corporate internal documents on a removable thumb drive

Answer: C

NEW QUESTION 267
- (Topic 3)
When is an application security development project complete?

A. When the application is retired.
B. When the application is turned over to production.
C. When the application reaches the maintenance phase.
D. After one year.

Answer: A

NEW QUESTION 268
- (Topic 3)
A CISO implements smart cards for credential management, and as a result has reduced costs associated with help desk operations supporting password resets. This demonstrates which of the following principles?

A. Security alignment to business goals
B. Regulatory compliance effectiveness
C. Increased security program presence
D. Proper organizational policy enforcement

Answer: A

NEW QUESTION 271
- (Topic 3)
A CISO has recently joined an organization with a poorly implemented security program. The desire is to base the security program on a risk management approach. Which of the following is a foundational requirement in order to initiate this type of program?

A. A security organization that is adequately staffed to apply required mitigation strategies and regulatory compliance solutions
B. A clear set of security policies and procedures that are more concept-based than controls-based
C. A complete inventory of Information Technology assets including infrastructure, networks, applications and data
D. A clearly identified executive sponsor who will champion the effort to ensure organizational buy-in

Answer: D

NEW QUESTION 273
- (Topic 3)
To get an Information Security project back on schedule, which of the following will provide the MOST help?

A. Upper management support
B. More frequent project milestone meetings
C. Stakeholder support
D. Extend work hours

Answer: A

NEW QUESTION 276
- (Topic 3)
Which of the following functions evaluates risk present in IT initiatives and/or systems when implementing an information security program?

A. Risk Management
B. Risk Assessment
C. System Testing
D. Vulnerability Assessment

Answer: B

NEW QUESTION 279
- (Topic 4)
You are having a penetration test done on your company network and the leader of the team says they discovered all the network devices because no one had
changed the Simple Network Management Protocol (SNMP) community strings from the defaults. Which of the following is a default community string?

A. Execute
B. Read
C. Administrator
D. Public

Answer: D

NEW QUESTION 282
- (Topic 4)
As a CISO you need to understand the steps that are used to perform an attack against a network. Put each step into the correct order.
1. Covering tracks 2. Scanning and enumeration 3. Maintaining Access 4. Reconnaissance 5. Gaining Access

A. 4, 2, 5, 3, 1
B. 2, 5, 3, 1, 4
C. 4, 5, 2, 3, 1
D. 4, 3, 5, 2, 1

Answer: A

NEW QUESTION 283
- (Topic 4)
Network Forensics is the prerequisite for any successful legal action after attacks on your Enterprise Network. Which is the single most important factor in introducing digital evidence into a court of law?

A. Comprehensive Log-Files from all servers and network devices affected during the attack
B. Fully trained network forensic experts to analyze all data right after the attack
C. Uninterrupted Chain of Custody
D. Expert forensics witness

Answer: C

NEW QUESTION 288
- (Topic 4)
Which of the following is the MAIN security concern for public cloud computing?

A. Unable to control physical access to the servers
B. Unable to track log on activity
C. Unable to run anti-virus scans
D. Unable to patch systems as needed

Answer: A

NEW QUESTION 292
- (Topic 4)
Which wireless encryption technology makes use of temporal keys?

A. Wireless Application Protocol (WAP)
B. Wi-Fi Protected Access version 2 (WPA2)
C. Wireless Equivalence Protocol (WEP)
D. Extensible Authentication Protocol (EAP)

Answer: B

NEW QUESTION 293
- (Topic 4)
Your incident handling manager detects a virus attack in the network of your company. You develop a signature based on the characteristics of the detected virus.
Which of the following phases in the incident handling process will utilize the signature to resolve this incident?

A. Containment
B. Recovery
C. Identification
D. Eradication

Answer: D

NEW QUESTION 298
- (Topic 4)
The general ledger setup function in an enterprise resource package allows for setting accounting periods. Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?

A. The need to change accounting periods on a regular basis.
B. The requirement to post entries for a closed accounting period.
C. The need to create and modify the chart of accounts and its allocations.
D. The lack of policies and procedures for the proper segregation of duties.

Answer: D

NEW QUESTION 300
- (Topic 4)
One of your executives needs to send an important and confidential email. You want to ensure that the message cannot be read by anyone but the recipient. Which of the following keys should be used to encrypt the message?

A. Your public key
B. The recipient's private key
C. The recipient's public key
D. Certificate authority key

Answer: C

NEW QUESTION 302
- (Topic 4)
While designing a secondary data center for your company, what document needs to be analyzed to determine how much should be spent on building the data center?

A. Enterprise Risk Assessment
B. Disaster recovery strategic plan
C. Business continuity plan
D. Application mapping document

Answer: B

NEW QUESTION 304
- (Topic 4)
SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:

A. Mastered
B. Not Mastered

Answer: A

NEW QUESTION 309
- (Topic 4)
Security related breaches are assessed and contained through which of the following?

A. The IT support team.
B. A forensic analysis.
C. Incident response.
D. Physical security team.

Answer: C

NEW QUESTION 312
- (Topic 4)
What is the term describing the act of inspecting all real-time Internet traffic (i.e., packets) traversing a major Internet backbone without introducing any apparent
latency?

A. Traffic Analysis
B. Deep-Packet inspection
C. Packet sampling
D. Heuristic analysis

Answer: B

NEW QUESTION 317
- (Topic 4)
Which of the following is MOST important when tuning an Intrusion Detection System (IDS)?

A. Trusted and untrusted networks
B. Type of authentication
C. Storage encryption
D. Log retention

Answer: A

NEW QUESTION 319
- (Topic 4)
The process for identifying, collecting, and producing digital information in support of legal proceedings is called

A. chain of custody.
B. electronic discovery.
C. evidence tampering.
D. electronic review.

Answer: B

NEW QUESTION 324
- (Topic 4)
What is the FIRST step in developing the vulnerability management program?

A. Baseline the Environment
B. Maintain and Monitor
C. Organization Vulnerability
D. Define Policy

Answer: A

NEW QUESTION 329
- (Topic 5)
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
What type of control is being implemented by supervisors and data owners?

A. Management
B. Operational
C. Technical
D. Administrative

Answer: B

NEW QUESTION 333
- (Topic 5)
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?

A. Lack of identification of technology stakeholders
B. Lack of business continuity process
C. Lack of influence with leaders outside IT
D. Lack of a security awareness program

Answer: C

NEW QUESTION 335
- (Topic 5)
What is the primary reason for performing a return on investment analysis?

A. To decide between multiple vendors
B. To decide if the solution costs less than the risk it is mitigating
C. To determine the current present value of a project
D. To determine the annual rate of loss

Answer: B

NEW QUESTION 337
- (Topic 5)
Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
Your defenses did not hold up to the test as originally thought. As you investigate how the data was compromised through log analysis you discover that a hardworking, but misguided business intelligence analyst posted the data to an obfuscated URL on a popular cloud storage service so they could work on it from home during their off-time. Which technology or solution could you deploy to prevent employees from removing corporate data from your network? Choose the BEST answer.

A. Security Guards posted outside the Data Center
B. Data Loss Prevention (DLP)
C. Rigorous syslog reviews
D. Intrusion Detection Systems (IDS)

Answer: B

NEW QUESTION 338
- (Topic 5)
The process for management approval of the security certification process which states the risks and mitigation of such risks of a given IT system is called

A. Security certification
B. Security system analysis
C. Security accreditation
D. Alignment with business practices and goals

Answer: C

NEW QUESTION 343
- (Topic 5)
Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations.
An effective way to evaluate the effectiveness of an information security awareness program for end users, especially senior executives, is to conduct periodic:

A. Controlled spear phishing campaigns
B. Password changes
C. Baselining of computer systems
D. Scanning for viruses

Answer: A

NEW QUESTION 346
- (Topic 5)
What is the BEST reason for having a formal request for proposal process?

A. Creates a timeline for purchasing and budgeting
B. Allows small companies to compete with larger companies
C. Clearly identifies risks and benefits before funding is spent
D. Informs suppliers a company is going to make a purchase

Answer: C

NEW QUESTION 351
- (Topic 5)
SCENARIO: Critical servers show signs of erratic behavior within your organization’s intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
During initial investigation, the team suspects criminal activity but cannot initially prove or disprove illegal actions. What is the MOST critical aspect of the team’s activities?

A. Regular communication of incident status to executives
B. Eradication of malware and system restoration
C. Determination of the attack source
D. Preservation of information

Answer: D

NEW QUESTION 352
- (Topic 5)
When creating contractual agreements and procurement processes, why should security requirements be included?

A. To make sure they are added on after the process is completed
B. To make sure the costs of security are included and understood
C. To make sure the security process aligns with the vendor’s security process
D. To make sure the patching process is included with the costs

Answer: B

NEW QUESTION 354
- (Topic 5)
Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.
Your Corporate Information Security Policy should include which of the following?

A. Information security theory
B. Roles and responsibilities
C. Incident response contacts
D. Desktop configuration standards

Answer: B

NEW QUESTION 355
- (Topic 5)
Which of the following is considered the foundation for the Enterprise Information Security Architecture (EISA)?

A. Security regulations
B. Asset classification
C. Information security policy
D. Data classification

Answer: C

NEW QUESTION 356
- (Topic 5)
Which of the following provides an independent assessment of a vendor’s internal security controls and overall posture?

A. Alignment with business goals
B. ISO27000 accreditation
C. PCI attestation of compliance
D. Financial statements

Answer: B

NEW QUESTION 357
- (Topic 5)
Annual Loss Expectancy is derived from the function of which two factors?

A. Annual Rate of Occurrence and Asset Value
B. Single Loss Expectancy and Exposure Factor
C. Safeguard Value and Annual Rate of Occurrence
D. Annual Rate of Occurrence and Single Loss Expectancy

Answer: D

NEW QUESTION 359
- (Topic 5)
When analyzing and forecasting an operating expense budget, which of the following is not included?

A. Software and hardware license fees
B. Utilities and power costs
C. Network connectivity costs
D. New datacenter to operate from

Answer: D

NEW QUESTION 364
- (Topic 5)
Scenario: You are the newly hired Chief Information Security Officer for a company that has not previously had a senior level security practitioner. The company lacks a defined security policy and framework for their Information Security Program. Your new boss, the Chief Financial Officer, has asked you to draft an outline of a security policy and recommend an industry/sector neutral information security control framework for implementation.
Which of the following industry / sector neutral information security control frameworks should you recommend for implementation?

A. National Institute of Standards and Technology (NIST) Special Publication 800-53
B. Payment Card Industry Digital Security Standard (PCI DSS)
C. International Organization for Standardization – ISO 27001/2
D. British Standard 7799 (BS7799)

Answer: C

NEW QUESTION 369
- (Topic 5)
Access Control lists (ACLs), Firewalls, and Intrusion Prevention Systems are examples of

A. Network based security preventative controls
B. Software segmentation controls
C. Network based security detective controls
D. User segmentation controls

Answer: A

NEW QUESTION 371
- (Topic 5)
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
Which of the following is the FIRST action the CISO will perform after receiving the audit report?

A. Inform peer executives of the audit results
B. Validate gaps and accept or dispute the audit findings
C. Create remediation plans to address program gaps
D. Determine if security policies and procedures are adequate

Answer: B

NEW QUESTION 374
- (Topic 5)
Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements. During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
What action should you take FIRST?

A. Destroy the repository of stolen data
B. Contact your local law enforcement agency
C. Consult with other C-Level executives to develop an action plan
D. Contract with a credit reporting company for paid monitoring services for affected customers

Answer: C

NEW QUESTION 378
- (Topic 5)
SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally thought and will not fit the organization’s needs.
The CISO discovers the scalability issue will only impact a small number of network segments. What is the next logical step to ensure the proper application of risk management methodology within the two-factor implementation project?

A. Create new use cases for operational use of the solution
B. Determine if sufficient mitigating controls can be applied
C. Decide to accept the risk on behalf of the impacted business units
D. Report the deficiency to the audit team and create process exceptions

Answer: B

NEW QUESTION 381
- (Topic 5)
Scenario: Your organization employs single sign-on (user name and password only) as a convenience to your employees to access organizational systems and data. Permission to individual systems and databases is vetted and approved through supervisors and data owners to ensure that only approved personnel can use particular applications or retrieve information. All employees have access to their own human resource information, including the ability to change their bank routing and account information and other personal details through the Employee Self-Service application. All employees have access to the organizational VPN.
Recently, members of your organization have been targeted through a number of sophisticated phishing attempts and have compromised their system credentials. What action can you take to prevent the misuse of compromised credentials to change bank account information from outside your organization while still allowing employees to manage their bank information?

A. Turn off VPN access for users originating from outside the country
B. Enable monitoring on the VPN for suspicious activity
C. Force a change of all passwords
D. Block access to the Employee Self-Service application via VPN

Answer: D

NEW QUESTION 383
- (Topic 5)
When analyzing and forecasting a capital expense budget, which of the following is NOT included?

A. Network connectivity costs
B. New datacenter to operate from
C. Upgrade of mainframe
D. Purchase of new mobile devices to improve operations

Answer: A

NEW QUESTION 387
- (Topic 5)
File Integrity Monitoring (FIM) is considered a

A. Network based security preventative control
B. Software segmentation control
C. Security detective control
D. User segmentation control

Answer: C

NEW QUESTION 388
- (Topic 5)
SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation
project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally
thought and will not fit the organization’s needs.
The CISO is unsure of the information provided and orders a vendor proof of concept to validate the system’s scalability. This demonstrates which of the
following?

A. An approach that allows for minimum budget impact if the solution is unsuitable
B. A methodology-based approach to ensure authentication mechanism functions
C. An approach providing minimum time impact to the implementation schedules
D. A risk-based approach to determine if the solution is suitable for investment

Answer: D

NEW QUESTION 393
- (Topic 5)
SCENARIO: A CISO has several two-factor authentication systems under review and selects the one that is most sufficient and least costly. The implementation
project planning is completed and the teams are ready to implement the solution. The CISO then discovers that the product is not as scalable as originally
thought and will not fit the organization’s needs.
What is the MOST logical course of action the CISO should take?

A. Review the original solution set to determine if another system would fit the organization’s risk appetite, budget and regulatory compliance requirements
B. Continue with the implementation and submit change requests to the vendor in order to ensure required functionality will be provided when needed
C. Continue with the project until the scalability issue is validated by others, such as an auditor or third party assessor
D. Cancel the project if the business need was based on internal requirements versus regulatory compliance requirements

Answer: A

NEW QUESTION 394
- (Topic 5)
Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks
with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
You have identified potential solutions for all of your risks that do not have security controls. What is the NEXT step?

A. Get approval from the board of directors
B. Screen potential vendor solutions
C. Verify that the cost of mitigation is less than the risk
D. Create risk metrics for all unmitigated risks

Answer: C

NEW QUESTION 397
- (Topic 5)
The Annualized Loss Expectancy (Before) minus Annualized Loss Expectancy (After) minus Annual Safeguard Cost is the formula for determining:

A. Safeguard Value
B. Cost Benefit Analysis
C. Single Loss Expectancy
D. Life Cycle Loss Expectancy

Answer: B

NEW QUESTION 399
- (Topic 5)
Scenario: The new CISO was informed of all the Information Security projects that the section has in progress. Two projects are over a year behind schedule and
way over budget.
Using the best business practices for project management, you determine that the project correctly aligns with the organization goals. What should be verified next?

A. Scope
B. Budget
C. Resources
D. Constraints

Answer: A

NEW QUESTION 401
- (Topic 5)
Which of the following is MOST useful when developing a business case for security initiatives?

A. Budget forecasts
B. Request for proposals
C. Cost/benefit analysis
D. Vendor management

Answer: C
