Download EC-Council Certified CISO.pass4sureexam.712-50.2019-12-16.1e.211q.vcex


File Info

Exam: EC-Council Certified CISO
Number: 712-50
File Name: EC-Council Certified CISO.pass4sureexam.712-50.2019-12-16.1e.211q.vcex
Size: 165 Kb
Posted: December 16, 2019
Downloads: 57

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.




Demo Questions

Question 1

When briefing senior management on the creation of a governance process, the MOST important aspect should be:

  • A: knowledge required to analyze each issue
  • B: information security metrics
  • C: linkage to business area objectives
  • D: baseline against which metrics are evaluated

Correct Answer: C

Question 2

Which of the following should be determined while defining risk management strategies?

  • A: Organizational objectives and risk tolerance
  • B: Enterprise disaster recovery plans
  • C: Risk assessment criteria
  • D: IT architecture complexity

Correct Answer: A

Question 3

A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions.  
This activity BEST demonstrates what part of a security program?

  • A: Compliance management
  • B: Audit validation
  • C: Physical control testing
  • D: Security awareness training

Correct Answer: A

Question 4

Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?

  • A: Need to comply with breach disclosure laws
  • B: Fiduciary responsibility to safeguard credit information
  • C: Need to transfer the risk associated with hosting PII data
  • D: Need to better understand the risk associated with using PII data

Correct Answer: D

Question 5

A method to transfer risk is to ______________.

  • A: Implement redundancy
  • B: Move operations to another region
  • C: Alignment with business operations
  • D: Purchase breach insurance

Correct Answer: D

Question 6

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised.  
What kind of law would require notifying the owner or licensee of this incident?

  • A: Consumer right disclosure
  • B: Data breach disclosure
  • C: Special circumstance disclosure
  • D: Security incident disclosure

Correct Answer: B

Question 7

The PRIMARY objective of security awareness is to:

  • A: Encourage security-conscious behavior
  • B: Put employees on notice in case follow-up action for noncompliance is necessary
  • C: Ensure that security policies are read.

Correct Answer: A

Question 8

Which of the following is MOST likely to be discretionary?

  • A: Policies
  • B: Procedures
  • C: Guidelines
  • D: Standards

Correct Answer: C

Question 9

When dealing with Security Incident Response procedures, which of the following steps comes FIRST when reacting to an incident?

  • A: Eradication
  • B: Escalation
  • C: Containment
  • D: Recovery

Correct Answer: C

Question 10

What is the relationship between information protection and regulatory compliance?

  • A: That all information in an organization must be protected equally.
  • B: The information required to be protected by regulatory mandate does not have to be identified in the organization's data classification policy.
  • C: There is no relationship between the two.
  • D: That the protection of some information such as National ID information is mandated by regulation and other information such as trade secrets are protected based on business need.

Correct Answer: D




