Download ECCouncil.712-50.CertShared.2024-01-31.151q.vcex

File Info

Exam EC-Council Certified CISO
Number 712-50
File Name ECCouncil.712-50.CertShared.2024-01-31.151q.vcex
Size 94 KB
Posted Jan 31, 2024

Demo Questions

Question 1

A security manager has created a risk program. Which of the following is a critical part of ensuring the program is successful?

  1. Providing a risk program governance structure
  2. Ensuring developers include risk control comments in code
  3. Creating risk assessment templates based on specific threats
  4. Allowing for the acceptance of risk for regulatory compliance requirements
Correct answer: A

Question 2

Regulatory requirements typically force organizations to implement:

  1. Mandatory controls
  2. Discretionary controls
  3. Optional controls
  4. Financial controls
Correct answer: A

Question 3

You have purchased a new insurance policy as part of your risk strategy. Which of the following risk strategy options have you engaged in?

  1. Risk Avoidance
  2. Risk Acceptance
  3. Risk Transfer
  4. Risk Mitigation
Correct answer: C

Question 4

According to the National Institute of Standards and Technology (NIST) SP 800-40, which of the following considerations are MOST important when creating a vulnerability management program?

  1. Susceptibility to attack, mitigation response time, and cost
  2. Attack vectors, controls cost, and investigation staffing needs
  3. Vulnerability exploitation, attack recovery, and mean time to repair
  4. Susceptibility to attack, expected duration of attack, and mitigation availability
Correct answer: A

Question 5

Risk is defined as:

  1. Threat times vulnerability divided by control
  2. Advisory plus capability plus vulnerability
  3. Asset loss times likelihood of event
  4. Quantitative plus qualitative impact
Correct answer: A

Question 6

Which of the following Intellectual Property components is focused on maintaining brand recognition?

  1. Trademark
  2. Patent
  3. Research Logs
  4. Copyright
Correct answer: A

Question 7

A business unit within your organization intends to deploy a new technology in a manner that places it in violation of existing information security standards. What immediate action should the information security manager take?

  1. Enforce the existing security standards and do not allow the deployment of the new technology.
  2. Amend the standard to permit the deployment.
  3. If the risks associated with that technology are not already identified, perform a risk analysis to quantify the risk, and allow the business unit to proceed based on the identified risk level.
  4. Permit a 90-day window to see if an issue occurs and then amend the standard if there are no issues.
Correct answer: C

Question 8

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

  1. Data breach disclosure
  2. Consumer right disclosure
  3. Security incident disclosure
  4. Special circumstance disclosure
Correct answer: A

Question 9

What is the definition of Risk in Information Security?

  1. Risk = Probability x Impact
  2. Risk = Threat x Probability
  3. Risk = Financial Impact x Probability
  4. Risk = Impact x Threat
Correct answer: A

Question 10

When dealing with a risk management process, asset classification is important because it will impact the overall:

  1. Threat identification
  2. Risk monitoring
  3. Risk treatment
  4. Risk tolerance
Correct answer: C




